Mail application Edison Mail showed a large-scale exchange of e-mails on Saturday. Several users reported via Twitter that they had gained insight into other people’s inboxes. According to the application manager, the error is based on a bug, not a data breach.
Edison Mail users approached the application manager on Twitter on Saturday. The tweets say that they suddenly got an insight into the inbox of other people. It was announced to The Verge that users had installed an update to the Edison Mail app before the issue occurred. A user suddenly got an insight into an English inbox with more than 100 e-mails, without entering login details. Other users report that they suddenly see another device appearing in their Edison Mail account, accessing their emails.
Emails via Edison Mail were suddenly visible to other users
Presumably, the emails could also be viewed and it would be possible to compose emails from the email addresses involved in the data breach; it was also possible to delete emails, according to an Edison Mail user on Twitter. In a response from the developer it says that it would be a small part of the total user base; how many people were affected by the error in Edison Mail is unknown. In response, the company emphasizes that it is not a data breach, which has caused the problems is currently being investigated – a new feature may be the cause.
It is suspected that the update is responsible for the problems in the Edison Mail app. Commenting to The Verge, the developer said it tested a feature to sync data between devices. For the time being, it has withdrawn the update and Edison Mail will contact all affected users. In addition, the developer asks its users to delete all app data and change the password of their email address. All users affected by the error have now been logged out and will need to log in to the Edison Mail app again.
Edison assists users in securing their mail account
Edison Mail suspects that the error only affected iOS users. In the Google Play Store, the mail app has more than one million installations. The question is whether you would still like to use the Edison Mail app. Edison claims to use a ‘Privacy by Design’ standard when developing the Edison Mail app, but does not live up to this promise in practice. It is unknown whether Edison Mail will also report the data breach to the European authorities. Since the introduction of the European GDPR, or AVG in the Netherlands, companies have been obliged to report data leaks. Will you continue to use Edison Mail? Let us know in the comments.