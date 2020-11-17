Search
Comment on Bumble vulnerabilities

November 2020 by Winston Bond, EMEA Technical Director at Digital.ai

The latest comment from Winston Bond, EMEA Technical Director at Digital.ai on the news that the dating app, Bumble has an API bug that exposes the data of millions of users:

“The vulnerabilities found on the Bumble app shows how much modern apps rely on web APIs and how complicated it can be for a company to keep all those APIs private and to lock them all down. An app built from a swarm of cloud-based micro-services, such as Bumble, exposes a lot of connections that are usually kept safely behind a firewall. Instead, problems of trust, authentication and data security are amplified so the potential attack surface for data breaches is huge. There is a clear need for a commercial solution that addresses the vulnerabilities that The Open Web Application Security Project (OWASP) has already identified in their recent Top 10 list.”




