It's been reported that nearly 24,000 applications on the Google Play Store have suffered data leaks and these applications are being compromised by accident due to Google Firebase being badly configured--unlike those scams and malware that most people deal with in the Play Store that steal and distribute user information.
Google Firebase is one of the most used Android App
According to Comparitech's research, the application Firebase is used in almost a third out of all Play Store applications, and nearly 4.8% of those apps that store user data are poorly secured databases. These databases consist of personal information like credit card data, GPS data, IP addresses, copies of chat messages, phone numbers, full names, passwords, and email addresses.
The database can also be accessed with a simple and fast web search. Even though Google deletes Firebase databases from the search results, they still can be found in other search engines such as Bing.
The team from Compatitech has found that a lot of the apps that leak are really popular among users having been downloaded 4.22 billion times. These apps are mainly educational applications and games.
It should be noted that since these apps have such a high number, it is possible that even you and the applications you have used along with your data is stored in a searchable database.
Prevent your personal data from being leaked
The only solution to this whole situation is for each of the application's developers to try and update their storage configuration on Firebase. Users should observe preventive measures by creating new and unique passwords as much as possible and an encrypted password manager can help to keep them all safe.
According to reports from Life Hacker, "Keep shared data and personal identifying information to the bare minimum. That includes contact info like your name, address, and personal email/phone numbers; any financial or payment information; and other user data like your GPS and web browser history."
Everyone should not link their applications and other accounts together if they don't necessarily have to. Having all of these connected and to each other can make it easier for anyone to break into the accounts.
Comparitech also recommended that users should only download apps from verified publishers with a good rating, and large numbers in its download activity.
However, these download numbers can also be misleading in some cases. Make sure to take your time to read through every review and check whether or not the permission on the app is reliable and find out what they are actually for.
Last but not the least, use anti-malware anti-antivirus apps. Sure, this won't completely prevent data leakage, it is still a good decision to have this software as they will reduce your chances of downloading malicious software.
