If you’re not one to use iOS’ automatic updates feature, make sure to grab the latest updates. A security vulnerability discovered shows that attackers would have been able to intercept user login credentials on older versions of the clients. After having disclosed the vulnerabilities to both companies, it appears that the security holes have been fixed appropriately.
The applications Experian — Free Credit Report and myFICO Mobileare both financial applications built with the purpose to keep users informed of their credit report and information. Keeping an eye on your credit report can help spot identity theft, invalid derogatory marks, and help with seeing the impact that debt payments have overall on a score. In the past 180 days Experian’s application shows a download count of about 270,000 and myFICO’s about 39,000 .
When contacting the myFICO team, they were a bit more receptive to the situation. Both Strafach and I were told to email the team independently, unfortunately I only received back the following automated message from their mail server: “The recipient’s mailbox is full and can’t accept messages now. Please try resending your message later, or contact the recipient directly.”
As of today, both applications’ vulnerabilities have been resolved. Grab the updates on the App Store as soon as you can, and make sure you’re updated and running iOS’ latest builds.
If you were using any of the older versions of the applications, we recommend changing your account passwords, and any other accounts with the same user credentials.
Source: 9to5mac