India: Jio security breach exposes millions of symptom checker app logs


A security lapse exposed one of the core databases of the coronavirus self-test symptom checker app launched by India's largest cellphone network, Jio, shortly before the government lockdown began in late March.

The database, which had no password protection and contained millions of logs and records collected during the last two weeks in April, was found by security researcher Anurag Sen on May 1.

Some of the exposed records included individuals who answered a series of questions to create a profile they could use to update their symptoms over time; for those who opted to allow the symptom checker access to location data it included their precise location.


Writer: Zack Whittaker
Publication: TechCrunch

Related learning resources