An Aussie App For Uni Students Potentially Exposed The Data Of 50,000 People

By

David Adams

Published

An app used by dozens of Australian university clubs says it is investigating reports of a major security flaw which potentially exposed the personal data of 50,000 students.

[jwplayer Unzscvy2]

The Guardian reports a Reddit user discovered an alleged weakness in the app Get, which permitted unauthorised users to access full names, “associated emails, phone numbers, date of births, Facebook ID’s, for all the users on their platform.”

The apparent security weakness, discovered late last week, spurred the anonymous user to contact the app’s administrators.

“We became aware of this on Saturday (7th September) and have spent the last 24 hours investigating the claims,” a Get spokesperson wrote Sunday night.

The app said it responded by “tokenising” its API calls – in other words, double-checking users who log in or access Get have the required authorisation to access data.

Folks behind Get also contacted clubs which may have been impacted by the potential breach, and begun investigating whether the data had been scooped earlier, the statement said.

But the Reddit user who uncovered the issue told The Guardian that was a “non-response”, urging Get to inform users which data was released, if any, as a matter of urgency.

Get, formerly Qnect, enables clubs to set up events, create online stores, and provide ticketing services. The website lists positive testimonials from representatives of the UNSW Engineering Society, Medical Society, and Education Society, among others.

The Reddit user said this potential breach is concerning, as “societies sometimes help members with sensitive topics,” adding “name, date of birth and mobile are enough for a wealth of social engineering hacks”.

As Qnect, the company was the target of a separate date breach in 2017, in which the platform was subjected to an attempted extortion attempt. Speaking to News.com.au last year, co-founder Daniel Liang said “the media did blow it up much more than it really was.”

Get yesterday assured users it was safe to use, and that events and e-commerce activities hosted on Get will continue to operate.

READ MORE
Robert Downey Jr Had His Instagram Hacked For An iPhone Giveaway Scam
READ MORE
5 Things To Know Before You Sashay Into Your First Day Of Uni Like You Own The Place

The Cheapest NBN 50 Plans

It’s the most popular NBN speed in Australia for a reason. Here are the cheapest plans available.

At PEDESTRIAN.TV, we independently choose and write about stuff we love and think you’ll froth too. We have affiliate partnerships so we might get a bit of money from any purchase you make based on our recs, cool? Cool. FYI – prices are accurate and items in stock at the time of posting.

Tags:

, , , , ,

More Stuff From PEDESTRIAN.TV

Trending Now

Trending Now

Insiders Close To Gypsy Rose Blanchard Have Shared The Wild Reason She Split From Ryan Anderson

Insiders Close To Gypsy Rose Blanchard Have Shared The Wild Reason She Split From Ryan Anderson

Entertainment
Aussie Influencer Karina Irby Says She ‘Accidentally’ Bought An Investment Property In Cooked Vid

Aussie Influencer Karina Irby Says She ‘Accidentally’ Bought An Investment Property In Cooked Vid

Entertainment
The Tortured Poets Department: The Exact Date & Time Of Release Across Every Australian State

The Tortured Poets Department: The Exact Date & Time Of Release Across Every Australian State

Entertainment
All 17 Farmer Wants A Wife Couples Still Blissfully Together After Meeting On The Show

All 17 Farmer Wants A Wife Couples Still Blissfully Together After Meeting On The Show

Entertainment