People love the Cameo app, which allows users to hire celebrities to record brief videos for them. Unfortunately, a major data breach may be scaring many people away from this app. Videos that were intended to be private can be downloaded by the general public. Passwords, phone numbers, and email addresses have also been leaked. Researchers have found that the app has a number of major security issues.
The app was initially released in 2017. Through the app, users can pay anywhere between $50 to thousands for a customized video. On average, the app receives around 2,000 transactions daily. The app has many rave reviews from real users that have commissioned videos from celebrities like Gilbert Gottfried and Ice-T.
The reviews that customers posted can be seen by the general public, but videos are intended to be private. Unfortunately, the review system has a design flaw that allows people to re-create the URL for a reviewed video, allowing them to see video clips that were meant to be private.
The Cameo app is designed with ease of use in mind. One of the goals of the apps is to make links easy to share. If someone has a link to a request, they can edit that request or even cancel it, even if they weren’t the person that paid for the original video.
Cameo has said that they recently became away of these issues and that they resolved them immediately. They believe that, in spite of these security issues, no one successfully accessed private information. However, the company is continuing to look at the issue and is taking additional steps to protect customer data.
Cameo has also commented on private videos being viewable by the general public. In their statement, Cameo claims that all of their videos are intended to be shared with family and friends. The “private” designation only means that a video can’t be viewed without the URL. If someone is able to recreate the URL for a private video, they will still be able to view it.
Cameo has said that they are contacting users about security issues even though they believe that cybercriminals were not able to take advantage of these security flaws. If you’ve used Cameo in the past, you can expect to receive a message from them about this data breach.
If you’re concerned about this data leak, don’t hesitate to contact Hook Security! With Hook Security’s Phishing Testing & Cyber Security Awareness Training, you and your employees can learn to identify potential threats. These kinds of data breaches are becoming increasingly common, which is why it’s more important than ever to learn what to watch out for.