"Indian Social Media App Slick Exposed Childrens' User Data"

The Indian social media app Slick exposed an internal database containing users' personal information, including information belonging to school children. Since December 11, a database including the complete names, mobile phone numbers, birth dates, and profile images of Slick users was left unprotected online. Archit Nanda, a former Unacademy executive, launched Slick in November 2022. The app is available on both Android and iOS and functions similarly to Gas, a popular compliments-based app. The app also enables school and college students to communicate with their friends anonymously. Anurag Sen, a security researcher from CloudDefense.ai, discovered the unsecured database and requested TechCrunch's help in reporting the matter to the social media company. Due to a misconfiguration, anyone who knows the database's IP address can access the database, which had more than 153,000 user entries at the time it was secured. TechCrunch also discovered that the database was accessible via an easily guessable subdomain on Slick's main website. This article continues to discuss the exposure of childrens' user data by the Indian social media app Slick.

TechCrunch reports "Indian Social Media App Slick Exposed Childrens' User Data"