---
title: "Hundreds of Applications Could Potentially Expose Data Through Basic Errors - Telesys Voice and Data Blog"
description: "Even a relatively simple issue can severely expose your business’ data. See what can be learned from research from Broadcom."
url: "https://mail.dfwphones.com/blog/hundreds-of-applications-could-potentially-expose-data-through-basic-errors"
date: "2026-06-05T23:12:41+00:00"
language: "en-GB"
---

## Telesys Voice and Data Blog

Telesys Voice and Data has been serving the Dallas/Fort Worth area since 1994, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

 [ Categories ](https://mail.dfwphones.com/blog/categories "Categories")

 [ Tags ](https://mail.dfwphones.com/blog/tags "Tags")

 [ Categories:  All Categories ](https://mail.dfwphones.com/javascript:void(0); "Categories")

 Search...Suggested keywords

 [  x ](https://mail.dfwphones.com/javascript:void(0);)

 <a class="eb-image-viewport"></a>

#  Hundreds of Applications Could Potentially Expose Data Through Basic Errors

  [Telesys Voice and Data Blog](https://mail.dfwphones.com/blog/categories/blog)   [Security](https://mail.dfwphones.com/blog/categories/security)

  [Telesys Voice Data Solutions](https://mail.dfwphones.com/blog/blogger/telesys-admin)

  Monday, 03 October 2022

   [ 0 Comments ](https://mail.dfwphones.com/blog/hundreds-of-applications-could-potentially-expose-data-through-basic-errors#comments)

 [ ![Hundreds of Applications Could Potentially Expose Data Through Basic Errors](//mail.dfwphones.com/images/easyblog_shared/October_2022/10-03-22/b2ap3_large_dataExposure_233494953_400.jpg) ](//mail.dfwphones.com/images/easyblog_shared/October_2022/10-03-22/dataExposure_233494953_400.jpg "Hundreds of Applications Could Potentially Expose Data Through Basic Errors")

At the beginning of September, it was revealed that a relatively simple issue existed in nearly 2,000 mobile applications that potentially exposed some (read: a lot of) sensitive data. Let’s take a brief, basic look at the situation to see if there are any lessons that can apply to your business.

Trust us, there will be.

## In Essence, the Issue is One of Access Permissions

Let’s go over how these apps generally work.

Naturally, the apps that you use on your phone aren’t fully hosted on your device. Instead, they are commonly hosted in cloud services. In theory, the application you install effectively just contains hardcoded access credentials that allow you to access the data or the service that application provides.

Notice that we said, *in theory*. Research conducted by Broadcom’s Symantec Threat Hunter team revealed that these purportedly single-purpose logins were able to access all of the files that a cloud service contained—including company data, backups of databases, and system controls.

Worse, if multiple apps included the same publicly available software development kits (SDKs) or were created by a single company, these login credentials could potentially grant access to numerous applications, exposing the infrastructure and user data of each.

So, let’s say that an attacker happened to obtain these access tokens. With the situation being the way it is, that would give the attacker access to all of the applications—and more critically, the user data these applications contain—that the access tokens granted access to.

Between the Android and iOS platforms, researchers found almost 2,000 applications that had their credentials hard-coded to Amazon Web Services—three-quarters of those granting access to private cloud services (and half of those granting access to private files), with about half containing access tokens found in completely unrelated applications.

## So, What Does This Have to Do With Your Business?

Let me ask you something: who in your business could potentially access your payroll information, your employees’ private information, or all the financial data you’ve collected from your clientele and workforce alike?

This idea that certain information is accessible by those who shouldn’t have access to it is the crux of the issue. You need to ensure that your data and files are only accessible to those who need them for their work responsibilities. This is known as the principle of least privilege—basically, all access and information are distributed on a need-to-know basis, based on the responsibilities of the individual users.

In short, much like these applications *should* have been doing, you need to ensure that access to this data is locked down. We can help.

Give us a call at PHONENUMBER to learn more about how we can help you.

 [  ](https://mail.dfwphones.com/javascript:void(0);) [  ](https://mail.dfwphones.com/javascript:void(0);) [  ](https://mail.dfwphones.com/javascript:void(0);)

Tags:

  [Data](https://mail.dfwphones.com/blog/tags/data)   [Current Events](https://mail.dfwphones.com/blog/tags/current-events)   [Mobile Device](https://mail.dfwphones.com/blog/tags/mobile-device)

 [  The CHIPS Act Looks to Help Push Technology Forwar... ](https://mail.dfwphones.com/blog/the-chips-act-looks-to-help-push-technology-forward)

 [  How to Determine the Costs Associated with Your Pr... ](https://mail.dfwphones.com/newsletter-content/how-to-determine-the-costs-associated-with-your-printing)

 About the author

 [ ![Telesys Voice Data Solutions](https://mail.dfwphones.com/images/easyblog_avatar/806_806_blog-author.png) ](https://mail.dfwphones.com/blog/blogger/telesys-admin)

 [Telesys Voice Data Solutions](https://mail.dfwphones.com/blog/blogger/telesys-admin)

  [  ](https://mail.dfwphones.com/blog/blogger/telesys-admin)

Author's recent posts

  [More posts from author](https://mail.dfwphones.com/blog/blogger/telesys-admin)

 [ Tuesday, 30 June 2026  Stop Managing Metal, Start Managing People: A Guide to Hybrid IT ](https://mail.dfwphones.com/newsletter-content/stop-managing-metal-start-managing-people-a-guide-to-hybrid-it)

 [ Saturday, 27 June 2026  Free AI is Not Free: Why Public Tools Are a Security Risk ](https://mail.dfwphones.com/newsletter-content/free-ai-is-not-free-why-public-tools-are-a-security-risk)

 [ Thursday, 25 June 2026  Phishing is Getting Sophisticated: The New Threats Businesses Face ](https://mail.dfwphones.com/newsletter-content/phishing-is-getting-sophisticated-the-new-threats-businesses-face)

 <a class="eb-anchor-link" data-allow-comment="1" id="comments" name="comments"> </a> Comments

  No comments made yet. Be the first to submit a comment

   **![Guest](https://mail.dfwphones.com/media/com_easyblog/images/avatars/author.png)**   Already Registered? [Login Here](https://mail.dfwphones.com/home/login-logout?return=aHR0cHM6Ly9tYWlsLmRmd3Bob25lcy5jb20vYmxvZy9odW5kcmVkcy1vZi1hcHBsaWNhdGlvbnMtY291bGQtcG90ZW50aWFsbHktZXhwb3NlLWRhdGEtdGhyb3VnaC1iYXNpYy1lcnJvcnM=)

 Friday, 05 June 2026

  Subscribe to the blog (Please fill in your email address to subscribe to updates from this post.)

 **Captcha Image**

## Schema

```json
{
    "@context": "https://schema.org",
    "@type": "BreadcrumbList",
    "itemListElement": [
        {
            "@type": "ListItem",
            "position": 1,
            "name": "Home",
            "item": "https://mail.dfwphones.com"
        },
        {
            "@type": "ListItem",
            "position": 2,
            "name": "Blog & News",
            "item": "https://mail.dfwphones.com/blog"
        },
        {
            "@type": "ListItem",
            "position": 3,
            "name": "Telesys Voice Data Solutions",
            "item": "https://mail.dfwphones.com/blog/blogger/telesys-admin"
        },
        {
            "@type": "ListItem",
            "position": 4,
            "name": "Hundreds of Applications Could Potentially Expose Data Through Basic Errors",
            "item": "https://mail.dfwphones.com/blog/hundreds-of-applications-could-potentially-expose-data-through-basic-errors"
        }
    ]
}
```