Apple Deletes 256 iOS Apps from App Store Over Latest User Privacy Breach

Apple will remove at least 256 iOs apps from its App store after security analysts discovered that the apps had illegally collected user information, such as email addresses, serial numbers and other private data, putting roughly one million users at risk of being tracked.

According to Ars Technica, security analytics startup Source DNA revealed the data collection is done so surreptitiously that even the affected app developers are not likely to discover it. This is because the private data is normally collected by the creator of the software development kit which is used to deliver advertisements to apps.

Apple is yet to find out how the perpetrators were able to go around its tight vetting process and strict privacy policy.

"This is the first time we've found apps live in the App Store that are violating user privacy by pulling data from private APIs," Source DNA founder Nate Lawson said. "It's definitely the kind of stuff that Apple should have caught."

In response, Apple released an official statement confirming they identified various iOS apps that utilize a third-party advertising SDK, which was created by a Chinese mobile ad provider called Youmi.

Generally, China-made apps were the ones mostly affected. Even the official McDonalds app programmed for Chinese users was not able to escape the information breach.

Apple said it will remove all apps using Youmi's SDK from their App Store, and that it will reject any new apps submitted to the App store using SDK.

"We are working closely with developers to help them get updated versions of their apps that are safe for customers and in compliance with our guidelines back in the App Store quickly," the company added.

Youmi illegally violated Apple's privacy by indirectly collecting email addresses without permission. This places users in a vulnerable position, as hackers could potentially access their multiple online accounts including banking information.

The latest security breach involving iOS apps came just weeks after dozens of iOS apps in China were hacked by XCode Ghost, a malware that attempts to steal user data.

Although Apple has not officially disclosed their vetting process, the company is known to be very strict when it comes to putting up security measures. The tech giant is yet to announce an official investigation on the latest attacks.

Join the Discussion
Real Time Analytics