Skip to main content

Hundreds of millions of email addresses fed to advertisers by popular websites

By
Many of the defective systems are still live
Some of the most popular websites online today have leaked hundreds of millions of email addresses to advertisers and data analytics firms, according to a new research report.
As a result of a defect in sign-up processes attached to websites such as Wish, MailChimp and the newly launched Quibi, user email addresses were funneled into the laps of the world’s largest advertisers, including Google, Facebook and Twitter.
Authored by security researcher Zach Edwards, the report explains that clicking on links embedded within account confirmation emails caused addresses and other user data to be delivered to third parties, who could then use the information to inform personalised advertising efforts.
The report does not make clear precisely how the email addresses were used by third party advertisers.

Email address leaks

This specific variety of breach occurs when an email address is appended to a URL following the activation of a link by the user. The information is then transferred to third party advertising and analytics firms - sometimes in plain text - as a mechanism of a piece of JavaScript code.
Users of web browser Google Chrome are more likely to fall victim, because the browser does not block JavaScript activity by default - unlike rival services Safari, Brave and Firefox.
E-commerce giant Wish was said to be responsible for one of the largest leaks, which “likely involved hundreds of millions of user emails,” according to Edwards. 
While the report criticises the lethargy demonstrated by many affected companies, it notes that Wish went to painstaking lengths to remedy the issue, rebuilding its email architecture in the space of 72 hours following the disclosure.
Streaming platform Quibi, launched on April 6, was also marked out as an offender and has since taken action to address the breach. “The moment the issue on our webpage was revealed to our security and engineering team, we fixed it immediately,” said the firm.
According to Edwards, while users can take steps to prevent leaks of this kind (such as using an ad blocker or privacy-centric browser), the failure of businesses to request the deletion of user emails from third party logs is at the heart of the problem.
“There needs to be significant efforts by organizations sharing user emails in this way, to submit partner deletion requests to the third party advertising and analytics companies who received the emails,” he said.
The majority of the defective systems were still live as of the report’s publication on April 29, which suggests many consumers remain at risk.
Labels:

Comments

  1. UnknownMay 11, 2020 at 1:42 AM

    This was a good read. Though there has been an ongoing debate about data privacy, followed by update of data policies, much more needs to be done.

    ReplyDelete

Post a Comment

Popular posts from this blog

Save the Nature

By
Save the Nature Nature is the creation of Allah, who is Almighty of all and everything. I think every living being in this world cannot live without nature. So, when need to protect it, we started damaging it with our factories, nuclear waste, plastic and especially by developing big metropolitan cities on the land of forests without planting new trees. We have destroyed our forests and green lands which were necessary for our atmosphere and are the important part of our Eco system, to protect us from dangerous heatwaves from the sun, to maintain the balance, to protect the animal Eco system, which we have tried to end with our thirst for power. We had put many of the species on the brink of extinction. As a god’s Favorite creation we were assigned the task to maintain the balance among every living being on this planet which is also very necessary for our lives. But due to our cruel thinking and nature we have destroyed it with our own hands. We are racing aga...
10 comments
Read more

This is Not The First Time

By
This is Not The First Time The pandemic that is threatening the world nowadays Covid19, has been identified as the cause of an outbreak of viral pneumonia in Wuhan, China. The disease that has infected nearly two million people and blow off the lives of more than one hundred thousand people. It is emerged and spread like a wild fire. The world has been in a panic since as it is the disease that globe has not been prepared for. The reason sounds like a joke, a statement of an alien being. This reason reminds every human of its good old school days when they always promise themselves to study the whole session not a night before the paper. Because it is not first time when such type of pandemic catches the globe in its iron hands. After being criticized for a slow response to SARS, China is once again facing global scrutiny for its handling of the new corona virus. By the time the global SARS outbreak was contained, the virus spread to over 8,000 people worldwide and killed ...
2 comments
Read more

Google launches a new Read Along app to help you with homeschooling

By
For kids five and up If you're stuck at home trying to keep the kids entertained and educated, you've now got one more online resource to draw on – Google just launched a Read Along app for  Android  that helps kids over five with their reading. The app has previously been launched in India under the name Bolo, but is now available much more widely, across 180 countries and in nine languages. It uses Google's AI smarts to analyze the words that kids are saying in response to what's on screen, giving them feedback along the way through a virtual character called Diya. "Diya uses Google's text-to-speech and speech recognition technology to detect if a student is struggling or successfully reading the passage," explains Google engineer Zohair Hyder in a    blog post . "She gives them positive and reinforcing feedback along the way, just as a parent or teacher would," says Hyder. "Children can also tap Diya at any time for help pronouncing a wor...
Post a Comment
Read more