Firebase platform suffers from data exposure

Posted date 22/05/2020

Firebase, a Google platform for developing web and mobile applications, has exposed sensitive information from more than 4,000 applications that use its database, due to poor permission settings by the application's developers.

Comparitech, a company dedicated to the research and comparison of technological services, has discovered this information leak after examining more than half a million Google Play Store applications, of which more than 4,000 leaked information. Among the exposed data are email addresses, credentials, telephones, names, surnames, addresses, both IP and postal addresses, and GPS information.

Comparitech reported their discovery to Google immediately, and a spokesperson responded by explaining that they will notify developers of possible misconfigurations in their deployments, while offering recommendations to correct them. They have also contacted the affected developers to fix the problem.