Heartbleed-like flaw puts smartphone users’ passwords and location data at risk

BILLIONS OF SMARTPHONE USERS’ personal data is at risk after researchers uncovered a Heartbleed-like vulnerability in some of the “most popular” Android and iOS apps.

Researchers from Fraunhofer Institute for Secure Information Technology and Darmstadt University of Technology told Reuters about the vulnerability after discovering 56 million items of unprotected data in the applications that were studied. These included games, social networks, messaging, medical and banking apps.

The German researchers didn’t name the apps in question, but said they include some of the most popular on the Apple and Google app stores.

The flaw exposes passwords, addresses, access codes and location data, but the researchers found no evidence that the vulnerability had been exploited.