2.6 million plaintext passwords and user IDs

4 million+ PHI (Protected Health Information) records (chat messages and prescription details)

25 million GPS location records

50,000 financial records including banking, payment and Bitcoin transactions

4.5 million+ Facebook, LinkedIn, Firebase, and corporate data store user tokens.

"The only security feature available to developers is authentication and rule-based authorization," the researchers explain. What's worse? There are no "third-party tools available to provide encryption for it."

Found this article interesting? Follow THN on Facebook Twitter  and LinkedIn to read more exclusive content we post.