HomeBreaking Newssecurity news

A bug in Edison Mail iOS app impacted over 6,400 users

A security bug in the iOS app has impacted over 6,400 Edison Mail users, the issue allowed some users to access other people’s email accounts. An upda

UK ICO fines hotel chain giant Marriott over data breach
Egregor ransomware attack paralyzed for 3 days payment systems at Metro Vancouver’s transportation agency TransLink
Journalist Matthew Keys is now charged with an attack on a magazine

A security bug in the iOS app has impacted over 6,400 Edison Mail users, the issue allowed some users to access other people’s email accounts.

An update released for iOS application of the Edison Mail introduced a security bug that resulted in some users being given access to other people’s email accounts.

“On Friday, May 15th, 2020, a software update enabled users to manage accounts across their Apple devices. This update caused a technical malfunction that impacted approximately 6,480 Edison Mail iOS users. The issue only impacted a fraction of our iOS app users (and no Android or Mac users were affected). This temporary issue was a bug, and not related to any external security issues.” reads a post published by the company.

“Data from these individual’s impacted email accounts may have been exposed to another user. No passwords were compromised. “

The Edison Mail app allows users to manage their Gmail, Yahoo, Outlook, iCloud, and other email services in a single place. The company offers apps for iOS, Android and macOS, and says its products are used by millions of individuals.

edison mail assistant-ios

The update was rolled out on May 15, it included a feature that allows users to manage their accounts across their Apple devices.

Shortly after the patch was released, some users started reporting they could access other people’s email accounts from the iOS app without authentication.

Edison quickly solved the issue, the company confirmed that the bug potentially impacted 6,480 iOS users.

Edison Mail also confirmed that user credentials were not exposed.

The company addressed the issue with two updates, the first one on Saturday that prevented impacted users from accessing any account from the Edison app, the second one on Sunday morning, which re-enabled access for impacted users.

“A new version of the application was made available early Sunday morning in the App Store that restores full functionality for these 6,480 users. Other users were not impacted and no action is required.” added the company.

“We have notified all individual users who may have been impacted by this issue via email, and as an additional safety precaution, suggested that impacted users also change their email account password. If you did not receive an email on this issue then your account was not impacted,”

Pierluigi Paganini

(SecurityAffairs – Edison Mail, hacking)

Share this…
Share on Facebook

Facebook

Tweet about this on Twitter

Twitter

Share on LinkedIn

Linkedin

Share on Reddit

Reddit

Pin on Pinterest

Pinterest




COMMENTS

WORDPRESS: 0
%d bloggers like this:
Close Bitnami banner
Bitnami