Home » News » Apps » More than 250 apps collecting personal data removed from App Store

More than 250 apps collecting personal data removed from App Store

By Shrey Pacheco | Updated on 20-Oct-2015
More than 250 apps collecting personal data removed from App Store
Shrey Pacheco Shrey Pacheco
20 Oct 2015 11:33
HIGHLIGHTS

The affected apps were mostly China-based and gathered information such as email addresses, unique serial numbers, etc that could be used to track users

Apple has started removing more than 250 apps from its App Store after it was found that the apps were collecting personal data. The apps were gathering information such as email addresses, unique serial numbers and other personally identifying information that could be used to track users. The collection of such data is in violation of Apple’s privacy policy as the company does not allow third-party applications to share data without obtaining permission from the user. It also rejects apps that require users to share personal information such as email addresses or birth dates. 

A Chinese mobile ad provider named Youmi was the developer that was siphoning information. The affected apps are mostly China-based and included the official McDonalds app for Chinese speakers. Apple released a statement saying, “We’ve identified a group of apps that are using a third-party advertising SDK, developed by Youmi, a mobile advertising provider, that uses private APIs to gather private information, such as user email addresses and device identifiers, and route data to its company server. This is a violation of our security and privacy guidelines. The apps using Youmi's SDK will be removed from the App Store and any new apps submitted to the App Store using this SDK will be rejected. We are working closely with developers to help them get updated versions of their apps that are safe for customers and in compliance with our guidelines back in the App Store quickly.”

The apps were detected by SourceDNA, a security analytics startup. Its researchers found four major classes of information that were gathered by apps using the Youmi ad SDK. This included a list of all the apps installed on the phone, the platform serial number of iPhones and iPads when running older versions of iOS, list of hardware components as well as their serial number on devices running newer versions of iOS, and email address associated with the user’s Apple ID.

Last month, Apple was cleaning the App Store of more than 300 applications that were affected by a malicious program called XcodeGhost. The code affected iPhone and iPad programs. The program was embedded in a number of legitimate apps in the Store and developers of the apps unknowingly added the code by using a ‘tainted’ version of Xcode. Xcode is Apple’s own software that is used to create apps for iOS and OS X. Although Apple did not make an official statement as to the number of apps that were affected, a Chinese security firm called Qihoo360 said that it found 344 apps with XcodeGhost. 

Source: Ars Technica

Shrey Pacheco

Shrey Pacheco

Writer, gamer, and hater of public transport. View Full Profile

New Mobiles
Apple IPhone 15Redmi 12 5GRealme 11 Pro+ 5GApple IPhone 15 PlusNothing Phone 2
Top-10s
Best Mobile Phones under 15,000Best Mobile Phones under 20,000Best Mobile Phones Under 10,000Best Mobile PhonesBest 5G Mobile Phones
Terms of Use Privacy Policy About Us Advertise with us Contact Us SiteMap Current / Past Issue Magazine Subscription
9.9 Group

Digit.in is one of the most trusted and popular technology media portals in India. At Digit it is our goal to help Indian technology users decide what tech products they should buy. We do this by testing thousands of products in our two test labs in Noida and Mumbai, to arrive at indepth and unbiased buying advice for millions of Indians.

We are about leadership – the 9.9 kind Building a leading media company out of India. And, grooming new leaders for this promising industry.

logo logo logo logo logo logo
Copyright © 2007-24 9.9 Group Pvt.Ltd.All Rights Reserved.
Digit.in
Logo
Digit.in
Logo