(Subscribe to our Today's Cache newsletter for a quick snapshot of top 5 tech stories. Click here to subscribe for free.)
A French ethical hacker, going by the name Elliot Alderson on Twitter, said he spent 30 minutes on the recently launched Koo app and found it to leak user data. He posted screenshots of his finding on Twitter.
Following this, Koo’s co-founder Aprameya Radhakrishna denied the claim and tweeted that the news about data leak is being spoken unnecessarily.
“The data visible is something that the user has voluntarily shown on their profile of Koo. It cannot be termed a data leak,” Radhakrishnan said. “If you visit a user profile, you see it anyway.”
This exchange comes at a time when prominent Indian politicians, including the country IT minister Ravi Shankar Prasad, are openly vouching for Koo app.
Alderson’s research shows that Koo user’s personal data like email id, date of birth, name, marital status and gender are visible to other even if they chose to keep it private.
The France-based hacker replied to Radhakrishna that he checked the point before calling out the issue. He also shared a picture of a profile page of an IAS officer and said that he could access information that was not displayed on her profile.
When a user sets up a profile on Koo app, information such as email, mobile, gender, marital status is voluntary. Only a valid mobile phone number is required to create an account.
Radhakrishna said that they are trying to do something nice for the country. He asked if the hacker wanted to help them through some feedback.
