• United States



Senior Staff Writer

Researcher seeks help contacting developers of iPhone app exposing 198,000 users

Mar 15, 20162 mins
Data and Information SecuritySecurity

The database is just sitting in the open, but there is no one to claim it

Applications, as well as the companies that develop them, will come and go. But once the spark has gone, what happens to the users?

In at least one instance, they’ll have their account information exposed to the public by a seemingly abandoned database.

Chris Vickery, a security researcher working for Kromtech (the company behind MacKeeper), has discovered a database with 198,000 records sitting in the public. The database contains email addresses, usernames and hashed passwords.

The exposed records are connected to an iPhone application called Kinotopic. The app’s website says it allows users to create and share cinemagraphs, a trend that was popular a few years back.

Vickery finds databases quite frequently, but this one is different; the product appears to have been abandoned and emails to the company bounce.

“I have tried to get in touch with the Kinotopic developers in several ways. All were unsuccessful,” Vickery wrote in a blog post explaining the situation.

He also reached out to Apple, but they advised him to contact the Kinotopic directly, leaving him back at square one with few options.

Faced with a dead end, he’s asked that anyone with information on how to contact the company reach out. His goal is to assist in getting the database pulled from the Web.

“Once I’m confident that they are the proper people to speak with, I can provide the exact IP address and port number of the exposed database,” he said.

Update: In an email on Thursday, Vickery says that he was able to make contact with the lead developer of Kinotopic and secure the database.