Security News > 2021 > March > iPhone Call Recorder bug gave acess to other people's conversations
An iOS call recording app patched a security vulnerability that gave anyone access to the conversations of thousands of users by simply providing the correct phone numbers.
The application's name is "Automatic call recorder" or "Acr call recorder" and has thousands of user reviews in App Store amounting to a rating above 4 stars; it has also been listed among the top call recording apps for iPhone.
Using open-source intelligence, security researcher Anand Prakash, founder of PingSafe AI, found the app's cloud storage on Amazon along with host names and some sensitive data that it used.
On its website, the app boasts having over one million downloads from users in more than 20 countries.
Zack Whittaker from the media outlet contacted the app's developer, who released a new version with the fix.
According to Whittaker, the app's storage bucket on Amazon contained over 130,000 recordings weighing around 300 gigabytes.