The
Korean Android Apps Zcall Delivery Agent and Zcall Delivery Account
Manager, which are used to schedule and report package pickups and
deliveries, have accidentally leaked personal information about their
users.
The leaked data includes not only names, addresses, phone
numbers, and delivery times, but also plaintext passwords for shop and
staff logins, as well as what appears to be plaintext banking
information.
A statement on the company’s website acknowledges the
leak and assured customers that the outflow route has been blocked, but
blames the incident to the Korea Internet Promotion Agency, rather than a
hacking intrusion on their servers.
Source: Daily Swig