5 Companies Agree to Patch ‘Well-Known’ Mobile App Security Flaw
Five companies agreed to secure user data transmitted on mobile apps, New York Attorney General Barbara Underwood (D) said Friday in a settlement with Equifax, Priceline, Western Union, Spark Networks and Credit Sesame. Underwood said the companies claimed user information…
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
was reasonably protected but failed to “sufficiently test” app security. Passwords and Social Security, credit card and bank account numbers could have been extracted through a “well-known security vulnerability,” she said. The companies agreed to implement comprehensive security programs in response to Underwood’s initiative testing dozens of mobile apps. Equifax settled the matter in May 2017, a spokesperson said Monday: “The vulnerability mentioned was immediately remediated, and we have no evidence that consumer information was impacted as a result.” A Credit Sesame spokesperson said it discovered and resolved its Android app vulnerability the same day in 2016 and welcomed collaboration with Underwood. The other companies didn’t comment.