True is a social networking app which promises to ‘protect your privacy’. However, they recently experienced a security lapse which exposed one of their serves, resulting in the leakage of users private data, available on the internet for anyone to see.
The data leak happened after one of the app’s dashboards databases was exposed to the internet without a password meaning that anyone was able to read, search or browse the database at will, including users private data which the app swears to protect.
Chief Executive of True, Bret Cox, confirmed that there was a security lapse, but would not answer any further questions following plans to inform users of the exposed data, or whether they would inform regulations of the breach under state data breach notification laws.
The server contained data of logs dating back to February, user’s email addresses, phone number, geolocations, private messages and posts. Unfortunately, none of the data was encrypted.