Roblox accused of putting 100 million players at risk of data theft

Researchers have claimed that popular online game Roblox suffers from a series of security vulnerabilities that could have compromised the...

Researchers have claimed that popular online game Roblox suffers from a series of security vulnerabilities that could have compromised the data of more than 100 million players, many of whom are children.

According to a report from CyberNews, Roblox is guilty of a number of “glaring” lapses in security, specifically relating to the Android application.

However, Roblox has denied the claims, stating that the research was based on inactive code and that the vulnerabilities weren't serious at all.

A Roblox spokesperson told TechRadar Pro: “We take all reports seriously, and immediately investigated when first approached by the researcher in March. Our investigation determined there is no correlation between these claims and real risk to users’ data privacy."

"One claim was inaccurate and the other three pertained to inactive code not used on the Roblox platform. Regardless, we deleted the inactive code as part of our commitment to the security and the safety of our users.”

Roblox security issues?

The CyberNews report alleges that the app exposed user data via four separate avenues: through misconfigurations in the Roblox Android manifest file, inadequate hashing algorithms, susceptibility to the Janus vulnerability and hardcoded API keys.

Together, these issues supposedly earned the Roblox Android app a remarkably low 10/100 score as per the Mobile Security Framework, a common test used to assess the security performance of mobile apps.

Although CyberNews acknowledged that some of the security holes have been patched in the latest versions, the researchers believe “the threat to player security is very real” and that user data such as names and email addresses could be compromised with relative ease. 


(Image credit: Roblox)

While security issues are cause for concern in any context, this is particularly true in the case of Roblox, which is played predominantly by children between the ages of 9 and 15.

Many data protection regulations worldwide, including GDPR, contain specific provisions intended to enhance the protection of children’s personal data, which means companies such as Roblox are required to go the extra mile to shield data from attack.

What’s more, according to CyberNews, the volume of microtransactions that take place on the Roblox platform, coupled with the number of young users, makes the game an ideal target for cybercriminals.

In a statement shared with media, CyberNews expresses disappointment with the shoddiness of Roblox’s security practices, but also with the company’s sluggish response. The researchers claim to have contacted Roblox on multiple occasions to warn the company of the vulnerabilities, but supposedly received no response.

“It’s worrying to see a company with decades of development experience, millions of customers and the budget to match, following such security practices,” said Mantas Sasnauskas, Senior Researcher at CyberNews.

“We’re calling on Roblox to address the platform’s security risks as a top priority - these security and privacy practices should be much more rigorous and looked at more thoroughly, especially for a game that has hundreds of millions of users.”

from TechRadar - All the latest technology news https://ift.tt/3xBZM7e



Apps,3855,Business,147,Camera,1154,Earn $$$,1,Gadgets,1739,Games,924,Innovations,1,Mobile,1695,Paid Promotions,2,Promotions,2,Technology,7933,Trailers,795,Travel,36,Trendly News,18147,Video,4,XIAOMI,12,
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews: Roblox accused of putting 100 million players at risk of data theft
Roblox accused of putting 100 million players at risk of data theft
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share. STEP 2: Click the link you shared to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy