PII Leak, Credentials Leak
Skyscape is a US company that provides decision-support applications for Physicians, Nurses,Students and Healthcare Professionals. Wandera detected that both the iOS and Android apps of Medpresso, Inc healthcare app Skyscape are leaking the emails and passwords of users in clear text. 100,000 to 500,000 users are said to have downloaded the application, therefore thousands of accounts may have been compromised and had their credentials stolen.
Wandera tests on the latest Skyscape apps available on Play Store and iTunes, confirm that subscribers’ email addresses and passwords are transferred in clear text over unsecure connection, making them an easy target for attackers listening to the connection.
In order to set up an account, users provide their personal information, which could have catastrophic consequences if it falls into the wrong hands. This information could be misused by the attacker in case of a credential compromise.
Wandera researchers have discovered data leaks occurring during the login and registration request processes in both the Android and iOS versions of the application. This results in the following sensitive PII being exposed:
Both businesses and users should have an active mobile security service deployed to block data leaks among applications used. Users should avoid using the Skyscape mobile applications over public and potentially insecure WiFi hotspots in order to minimize the risk of traffic interception. The developers of the Skyscape apps are advised to utilize SSL/TLS in order to protect the transmission of personally identifiable user information, session tokens, or other sensitive data to a backend API or web service.