image credit: Pixabay

MyEstatePoint Property Search Android app leaks user passwords

January 5, 2024

The all-in-one real estate app MyEstatePoint Property Search left a publicly accessible MongoDB server containing the sensitive details of its app users.

The app, developed by NJ Technologies, an India-based software developer, has over half a million downloads on the Google Play store and mainly serves the Indian market.

According to the team, the exposed server contained data on over 497,000 users, almost matching the number of times the app was downloaded.

We reached out to NJ Technologies for comment but have yet to receive a reply.

Read More on Security Affairs