Target Wish List App Exposes Users' Data to a Potential Breach
- By Sydny Shepard
- Dec 16, 2015
Hackers can access your personal information from Target – again – thanks to a flaw in the retailer’s mobile app.
In a blog post, security researchers from Avast revealed the flaw, wish allows unauthorized access to customers’ addresses, phone numbers and other personal information from wish lists created with the Target app. Target shoppers do catch a break this Christmas season as credit card information doesn’t seem to appear to be stored with the wish lists.
Avast said it discovered the flaw while examining the security and privacy levels of various mobile buying apps. During their investigation, researchers looked at what permissions were granted to users, in additions to trying to hack the apps.
As of mid-December, Target has been notified of the problem and has disabled certain elements of its wish list.
“We apologize for any challenges guests may be facing while trying to access their registry," Molly Snyder, a communications manager at Target, said in a statement. "Our teams are working diligently overnight to resume full functionality."
About the Author
Sydny Shepard is the Executive Editor of Campus Security & Life Safety.