Messaging app suffers security lapse, millions of messages leaked: Report

A popular messaging app that calls itself secure with end-to-end encryption has suffered a security lapse resulting into a huge cache of users’ messages being posted online, said a report. TechCrunch says that the messaging app is widely used in Asia and across the world with 20 million global users.

Even JusTalk Kids shows 1 million android downloads on Google Play. JusTalk says that both apps are end-to-end encrypted, which means that only the people in the conversation can read the messages. JusTalk claims on its website that “only you and the person you communicate with can see, read or listen to them: Even the JusTalk team won’t access your data!”

But the lapse has raised questions on the security of these apps.

The leaked data includes millions of JusTalk user messages, along with the precise date and time they were sent and the phone numbers of both the sender and the recipient. It also contained records of calls that were placed using the app.

The report says that security researcher Anurag Sen found the data this week and asked TechCrunch for help to report it to the company.

JusTalk was launched by Juphoon, a China-based cloud company in 2016. The app is now owned by Ninbo Jus. As per records on Juphoon’s website, both companies appear to share same office address.

Because each message recorded in the data contained every phone number in the same chat, it was possible to follow entire conversations, including children using the JusTalk Kids app to chat with their parents.

(With inputs from agencies)

You can now write for wionews.com and be a part of the community. Share your stories and opinions with us here.

WATCH WION LIVE HERE