The Problems With Celebrity Shout Out App Cameo

The Problems With Celebrity Shout Out App Cameo
An IT specialist working on a security breach defense.
Share on facebook
Facebook
Share on twitter
Twitter
Share on reddit
Reddit
Share on linkedin
LinkedIn

People love the Cameo app, which allows users to hire celebrities to record brief videos for them. Unfortunately, a major data breach may be scaring many people away from this app. Videos that were intended to be private can be downloaded by the general public. Passwords, phone numbers, and email addresses have also been leaked. Researchers have found that the app has a number of major security issues.

The app was initially released in 2017. Through the app, users can pay anywhere between $50 to thousands for a customized video. On average, the app receives around 2,000 transactions daily. The app has many rave reviews from real users that have commissioned videos from celebrities like Gilbert Gottfried and Ice-T.

The reviews that customers posted can be seen by the general public, but videos are intended to be private. Unfortunately, the review system has a design flaw that allows people to re-create the URL for a reviewed video, allowing them to see video clips that were meant to be private.

The Cameo app is designed with ease of use in mind. One of the goals of the apps is to make links easy to share. If someone has a link to a request, they can edit that request or even cancel it, even if they weren’t the person that paid for the original video.

Some of the infrastructure that is used by Cameo can be found off-site. As an example, Cameo’s privacy policy can be found on Google Docs. There are also issues with Cameo’s backend that allow people to access private data. Data leaks aren’t just limited to customers; private emails for celebrities may have been leaked as well.

Cameo has said that they recently became away of these issues and that they resolved them immediately. They believe that, in spite of these security issues, no one successfully accessed private information. However, the company is continuing to look at the issue and is taking additional steps to protect customer data.

Cameo has also commented on private videos being viewable by the general public. In their statement, Cameo claims that all of their videos are intended to be shared with family and friends. The “private” designation only means that a video can’t be viewed without the URL. If someone is able to recreate the URL for a private video, they will still be able to view it.

Cameo has said that they are contacting users about security issues even though they believe that cybercriminals were not able to take advantage of these security flaws. If you’ve used Cameo in the past, you can expect to receive a message from them about this data breach.

If you’re concerned about this data leak, don’t hesitate to contact Hook Security! With Hook Security’s Phishing Testing & Cyber Security Awareness Training, you and your employees can learn to identify potential threats. These kinds of data breaches are becoming increasingly common, which is why it’s more important than ever to learn what to watch out for.

Share on facebook
Facebook
Share on twitter
Twitter
Share on reddit
Reddit
Share on linkedin
LinkedIn
Hook Security Phishing Testing and Cyber Security Awareness Logo
Schedule Your Demo Today