Sonic games on Android platform may have leaked user location data, SEGA investigating
Last week, security company Pradeo issued a statement claiming that many of SEGA's Sonic games listed on the Google Play Store are leaking user location data and device info. Among the titles mentioned, Sonic Dash, Sonic the Hedgehog Classic, and Sonic Dash 2: Sonic Boom are said to have security issues that could have affected between 120 million and 600 million users.
Those numbers are mostly based on the number of downloads each of these games has accumulated on the Google Play Store, so their accuracy might be a bit off.
According to Pradeo, each of these games has 15 vulnerabilities on average, and the data are sent to an average of 11 distant servers, including 3 uncertified ones.
Among the distant servers reached by the affected SEGA apps when sending data, we can see that most have a tracking and marketing purpose. However, what caught Pradeo’s researchers' attention is the fact that these apps are sending information to 3 uncertified servers of which 2 are a variant of Android/Inmobi.D, and represent a potential threat.
Following Pradeo's report, SEGA said in a statement to ZDNet that it is now investigating these claims and, if they are true, will address any technical or security issues.
If any third-party partners are collecting, transmitting, or using data in a manner that is not permitted by our agreement with the third party or Sega's mobile privacy policy, prompt corrective action will be taken.