Popular amongst Android users, an app that is used to locate accessible Wi-Fi that is nearby has exposed the passwords for over two million networks. The app itself has more than 100,000 users and allows them to upload their own Wi-Fi passwords as well, so others may access them. Through a deeper analysis, it was discovered that the database contained network information such as network name, geolocation data, and passwords stored in plain text, apart from other information. While the app supposedly offers only public Wi-Fi networks, that seems to not be the case based on the information included in the database–many of the servers were from home networks. The company that created the app was called out for leaving this database wide open, but no response has been given. The researcher who discovered the database decided to reach out to DigitalOcean, who hosts the app, and they quickly got rid of the database.
When evaluating a Managed Detection & Response (MDR) service there are 5 critical components that