Yo app gets hacked; founder calls it a learning experience

A group of students at Georgia Tech found a way to find users’ phone numbers and send them unwanted messages. The app’s creator took it as an opportunity to explain some features.

Ragan Insider Premium Content
Ragan Insider Content

Our initial findings were on the spoofed Yos and showing the custom alert. We instantly closed these holes, but there was another issue to follow. I’ve called the number from the text message and spoke with the hacker, which was actually helpful and emailed me with the details of the attack. The issue that followed was that our database had an open access from the app itself, a fact that allowed any malicious party to read the user information.

Abel said that issue was resolved Friday around noon, and the developers worked with one of the hackers to verify it had been fixed. He said engineers and one of the hackers are working on ways to make the app more secure. He also noted that the hackers got users’ phone numbers because the app gives users the option to find friends in their phone’s contact lists. He said Yo doesn’t store any information from users’ contacts. Abel also explained that Yo doesn’t ask users for much personal information:

To read the full story, log in.
Become a Ragan Insider member to read this article and all other archived content.
Sign up today

Already a member? Log in here.
Learn more about Ragan Insider.