Edison Mail rolls back an iOS update that let you see strangers’ mails
The update was aimed at helping users sync their data across various devices.
Edison Mail on Sunday rolled back an update on its iOS based after reports of a bug giving users access to the email accounts of other users stormed the internet.
According to a report by The Verge, several Edison Mail users reported seeing a bug in their apps that gave them access to the accounts of other users after they updated the app. This means that while they could see emails and account details of other users, their accounts could be accessed by strangers as well.
The bug was reported shortly after the company released an update to its iOS-based app that was aimed at helping users sync their data across various devices. Here is what some of the users wrote:
@Edison_apps not my email. Not my device. How can this still be going one and how can you not communicate anything. Clearly someone with the device “Mandy's iPhone) currently has full access to my email accounts. Please tell me the data deletion works at least?
— Petter Magnusson (@MagnussonP) May 16, 2020
I just updated @Edison_apps Mail &, after enabling a new sync feature, an email account THAT IS NOT MINE showed up in the app, that I could seemingly axcess completely.
— Zach (@zmknox) May 16, 2020
This is a SIGNIFICANT security issue. Accessing another's email w/o credentials! Never trusting this app again.
I just updated @Edison_apps Mail &, after enabling a new sync feature, an email account THAT IS NOT MINE showed up in the app, that I could seemingly axcess completely.
— Zach (@zmknox) May 16, 2020
This is a SIGNIFICANT security issue. Accessing another's email w/o credentials! Never trusting this app again.
Responding to the matter, the company said that it had rolled out a software update to a small percentage of its users, some of whom reported experiencing a flaw in the app. “We have quickly rolled back the update. We are contacting the impacted Edison Mail users (limited to a subset of those users who have updated and opened the app in the last 10 hours) to notify them,” the company said in a statement to the publication.
It also urged all its users to log out and log-in again to reverse the impact of the bug.
At 10:50 PM PST Friday evening a security bug was introduced for a small fraction of our iOS users. We have rolled that update back. All impacted users are being logged out and will need to re-login.
— Edison (@Edison_apps) May 16, 2020
If you are using Edison Mail, it is advisable that you change the login-password of your account as soon as possible and try to re-login into your account.
Follow HT Tech for the latest tech news and reviews , also keep up with us on Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.
