Target Wish List App Exposes Users’ Data to a Potential Breach -- Security Today

Target Wish List App Exposes Users' Data to a Potential Breach

By Sydny Shepard
Dec 16, 2015

Hackers can access your personal information from Target – again – thanks to a flaw in the retailer’s mobile app.

In a blog post, security researchers from Avast revealed the flaw, wish allows unauthorized access to customers’ addresses, phone numbers and other personal information from wish lists created with the Target app. Target shoppers do catch a break this Christmas season as credit card information doesn’t seem to appear to be stored with the wish lists.

Avast said it discovered the flaw while examining the security and privacy levels of various mobile buying apps. During their investigation, researchers looked at what permissions were granted to users, in additions to trying to hack the apps.

As of mid-December, Target has been notified of the problem and has disabled certain elements of its wish list.

“We apologize for any challenges guests may be facing while trying to access their registry," Molly Snyder, a communications manager at Target, said in a statement. "Our teams are working diligently overnight to resume full functionality."

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

Transforming Door Opening Design

Stop managing building openings with binders and spreadsheets; discover how unified software platforms are streamlining compliance and BIM integration. Read Now
- Facility Security
Trends of the Day: 8 Promising Trends That Are Redefining Identity In 2026

From invisible security in air travel to AI-powered fraud detection, discover the pivotal shifts making the person the ultimate credential. Read Now
- Identity Management Biometrics
Keeping Pace: How Schools Can Plan And Execute a Pilot Program For a System Migration

Stop the rip-and-replace anxiety with a controlled pilot program that validates tech performance, engages stakeholders and proves ROI. Read Now
- Education Security
The Key to Convergence: Mobile Access Moves Towards Wallet-Based Credentials

Adoption of mobile-based identity is surging as 74% of organizations ditch plastic badges for the security and convenience of digital wallets. Read Now
- Access Control
The Hidden Attack Surface: Why Physical Security Needs Help From The IT World

From gunshot detection to door sensors, black box testing is no longer optional as life-safety devices become high-stakes nodes on the IT network. Read Now
- Cybersecurity

Artificial Intelligence

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

Webinars

Whitepapers

New Products

HD2055 Modular Barricade

Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.
EasyGate SPT SPD

Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.
A8V MIND

Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.