Koo App leaking sensitive user data: French cybersecurity researcher
Thursday, 11 February 2021 (16:12 IST)
New Delhi: Koo app, which is being called the Indian alternative of Twitter has been found to leak a lot of sensitive user data, including email ID, phone numbers and date of birth, French cybersecurity researcher Robert Baptiste tweeted after using the app.
“You asked so I did it. I spent 30 min on this new Koo app. The app is leaking personal data of its users: email, dob, name, marital status, gender,” Baptiste, popularly known as Elliott Anderson on Twitter tweeted last night.
According to his tweets and the screenshots he posted on the microblogging site, Koo is leaking some sensitive details and it is possible that data of millions of users have already been leaked or scrapped, including data of Indian government departments and ministers who have joined the service.
Baptiste is known to have highlighted several vulnerabilities in the Aadhaar system along with other tech services in the past.
Reacting to the data leaks, Koo said, “Users enter their profile data on the app to be shared with others on the platform. That’s what’s displayed everywhere across the platform. While there have been false allegations of a data leak, it’s just commonly called the public profile page for all users to view!”
Koo is also being reported to have registered in China.
Talking about the Chinese investment, the company in a statement said, “Koo takes pride in being an Indian company with Indian founders and in being registered here. The recent investment in Bombinate Technologies Koo’s parent company was by Mohandas Pai of 3one4 Capital, an Indian investor. Shunwei, a single-digit shareholder that had invested in Vokal, another start-up of ours which answers user questions in Indian languages, will be exiting fully. Bombinate is the parent company of Vokal and Koo.”
Launched in early 2020, the yellow alternative to the popular blue bird was co-founded by entrepreneurs Aprameya Radhakrishna and Mayank Bidwatka. It also won the Atmanirbhar App Innovation Challenge.
The app recently came to limelight as a result of a tussle between the Indian government and social networking service Twitter, after the former asked it to remove multiple accounts alleged to have spread misinformation and propaganda about the ongoing farmer’s protest.
The California-based app disagreed and stood its ground, releasing some statements wherein it said it would take no action against the accounts of journalists, activists, celebrities and people tweeting about the protest that has been going on for over 70 days.
Post Twitter’s statement, #BanTwitterInIndia was seen trending for hours with people tweeting about switching to Koo.
Recently, Minister Piyush Goyal, too tweeted, “I am now on Koo. Connect with me on this Indian micro-blogging platform for real-time, exciting and exclusive updates. Let us exchange our thoughts and ideas on Koo.”
Now, the Ministry of Electronics and Information Technology (MeitY) and other government departments have verified handles on Koo. (UNI)