Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Half a million users of real estate Android app have passwords leaked

Almost half a million users of a popular real estate Android app have had their names and passwords exposed, according to new reports.

user icon Daniel Croft
Fri, 05 Jan 2024
Half a million users of real estate Android app have passwords leaked
expand image

The app in question is the MyEstatePoint Property Search app, which was developed by Indian software developer NJ technologies. The majority of users are from the Indian market.

As initially reported by CyberNews, the MyEstatePoint Property Search app exposed customer data after it left a MongoDB server containing the details publicly accessible.

“This comprehensive dataset poses severe risks as threat actors could exploit the exposed information for unauthorised access, identity theft, fraudulent activities, and potentially compromise the privacy and security of the affected individuals,” said NJ Technologies.

============
============

Just over half a million users have downloaded the MyEstatePoint Property Search app on the Google Play Store, while the exposed server had the data of 497,000 users, meaning almost all users were affected.

The data included first and last names, plain-text passwords, mobile phone numbers, email addresses, sign-up methods, and users’ city and business descriptors.

The range of exposed data could lead to thousands of future attacks. These attacks could expand to other services as well, including financial and banking services, as many individuals reuse usernames and passwords for multiple accounts.

NJ Technologies has currently remained quiet on the incident. Furthermore, there is currently no evidence of any data being used by threat actors for malicious purposes.

Cyber Daily has reached out to NJ Technologies requesting comment on the incident.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.