The Whisper mobile app for anonymous communication over the years inadvertently disclosed confidential information about its users through a publicly accessible online database.
The app was released in 2012 and is still used by more than 30 million people every month. According to The Washington Post, the database did not contain real names, since Whisper was designed to protect users' personal data and enable them to anonymously share their secrets. But the unprotected database contained information about age, ethnicity, place of residence, location, pseudonym in the application and membership in any groups.
However, the entries included not only current users. According to experts Matthew Porter (Matthew Porter) and Dan Ehrlich (Dan Ehrlich) from Twelve Security, the database contains about 900 million records since the release of the application in 2012. Experts immediately reported the situation to law enforcement agencies and developers of the Whisper application, and access to the database was closed.
The records also included the geodata of the last message the user sent, many of which indicated specific schools, jobs, and residential areas. According to experts, "this greatly violated the social and ethical standards related to the protection of children on the Internet."
However, vice president of parent company Whisper, MediaLab, Lauren Jamar challenged the findings of experts. According to her, messages and their relationship with location, age and other data represent "a feature of the application that users can share or not share."