Popular iPhone and Android apps used for studying accidentally exposed top military secrets concerning “sensitive security protocols about U.S. nuclear weapons,” according to investigative journalism website Bellingcat.
The free learning apps, including Chegg, Quizlet, and Cram, contained flashcards filled with military terms that could be used to locate military bases reportedly storing nuclear devices. What’s more, the apps have millions of downloads on the Google Play Store and Apple App Store.
The flashcards were used by personal at various bases to help memorize secret military terms. Since the cards show the question and answer, anyone could access the publicly available cards and learn confidential information. In fact, Bellingcat states it could simply search for the right terms on Google to discover cards with nuclear information.
According to the report, the smartphone app Chegg had 70 flashcards titled “Study!” that contained information on the specific shelters containing the weapons.
Some of the free apps let users know exactly when someone last studied the flashcards. This would allow any malicious actors to find out if the private information is still relevant. What’s worse, Cram and Quizlet showed the username of the person who created the flashcards, which contained their full name and profile picture.
The apps featured flashcard sets that were visible online since 2013. When being made publically aware to military experts, they stated the findings were a “serious breaches of security protocols,” and had to rethink the now-leaked military operations in Europe.
Fortunately, the report claims the flashcard sets have now been taken down. However, this doesn’t mean more top private information could still be stored in secret on each app.
Smartphone apps found on the iPhone and Android phones can be used in malicious ways, and while this military data leak was more of a mishap, you’ll find plenty of other popular Android apps on Google Play Store that can expose millions of users’ private data.