Subscribe to our newsletter and stay informed

Check out our list of top companies

Check out our carefully compiled lists of the most relevant and impactful companies within their fields.

Check out our list of top unicorns

Read and learn about the biggest companies that various countries have produced, how they made it, and what the future looks like for them.
February 14, 2024

Glow Fixes Bug Exposing Users' Data

Glow's online forum breached the privacy of approximately 25 million users, revealing a trove of personal information

In a recent discovery by a security researcher, approximately 25 million users of the fertility tracking app Glow had their personal data exposed due to a bug in its online forum.

The exposed data included users' first and last names, self-reported age groups, location, unique user identifier within the Glow platform, and any uploaded images, such as profile photos.

Security researcher Ovi Liber identified the leak from Glow's developer API and reported it to the company in October. Glow promptly addressed the issue approximately a week later.

Typically, APIs are restricted to authorized users, but Glow's API was accessible to anyone, according to Liber.

Despite Glow confirming that the bug is fixed, they declined to provide further details on the incident. This lack of transparency raises concerns among users and cybersecurity experts alike.

Eva Galperin, cybersecurity director at the Electronic Frontier Foundation, emphasized the significance of such data exposure, suggesting that it could prompt users to reconsider their usage of Glow.

Glow, established in 2013, markets itself as a comprehensive period tracker and fertility app. However, this isn't the first time the company has faced privacy-related issues. In 2016, a privacy loophole allowed access to sensitive user data, and in 2020, Glow was fined $250,000 for failing to safeguard users' health information adequately.

This latest incident underscores the importance of robust data protection measures, especially for apps handling sensitive personal information like fertility and health data.

Neil Hodgson Coyle
Neil Hodgson-Coyle
Editorial chief at TechNews180
Back to top

Related articles

chevron-down linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram