Skip to main content

Target Wish List App Exposes Users’ Data to a Potential Breach

Target Wish List App Exposes Users' Data to a Potential Breach

  • By Sydny Shepard
  • Dec 16, 2015

Hackers can access your personal information from Target – again – thanks to a flaw in the retailer’s mobile app.

In a blog post, security researchers from Avast revealed the flaw, wish allows unauthorized access to customers’ addresses, phone numbers and other personal information from wish lists created with the Target app. Target shoppers do catch a break this Christmas season as credit card information doesn’t seem to appear to be stored with the wish lists.

Avast said it discovered the flaw while examining the security and privacy levels of various mobile buying apps. During their investigation, researchers looked at what permissions were granted to users, in additions to trying to hack the apps.

As of mid-December, Target has been notified of the problem and has disabled certain elements of its wish list.

“We apologize for any challenges guests may be facing while trying to access their registry," Molly Snyder, a communications manager at Target, said in a statement. "Our teams are working diligently overnight to resume full functionality."

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

Most   Popular

New Products

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.