Consumer Electronics Daily was a Warren News publication.

5 Companies Agree to Patch ‘Well-Known’ Mobile App Security Flaw

Five companies agreed to secure user data transmitted on mobile apps, New York Attorney General Barbara Underwood (D) said Friday in a settlement with Equifax, Priceline, Western Union, Spark Networks and Credit Sesame. Underwood said the companies claimed user information was reasonably protected but failed to “sufficiently test” app security. Passwords and Social Security, credit card and bank account numbers could have been extracted through a “well-known security vulnerability,” she said. The companies agreed to implement comprehensive security programs in response to Underwood’s initiative testing dozens of mobile apps. Equifax settled the matter in May 2017, a spokesperson said Monday: “The vulnerability mentioned was immediately remediated, and we have no evidence that consumer information was impacted as a result.” A Credit Sesame spokesperson said it discovered and resolved its Android app vulnerability the same day in 2016 and welcomed collaboration with Underwood. The other companies didn’t comment.