Five companies settled with the New York Attorney General over mobile app data security issues at the end of last year. The AG alleged that the companies, Western Union, Priceline, Equifax, Spark Networks, and Credit Sesame, had a well-known security vulnerability in their apps. This vulnerability resulted in insecure connections between the apps and the companies' servers. As a result, a third party could easily have gained access to people's sensitive information.
In its announcement, the AG pointed out that the vulnerability in question had been well known for many years, and that the FTC had reached a settlement in 2014 over the same issue. Also, that app developers can test their software for the vulnerability using "freely available software." As part of the settlement the companies have agreed to implement comprehensive security programs to protect user information.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.