Skip to main content

Quibi, JetBlue, and more leaked your email to advertisers, report finds

Companies like Quibi and JetBlue are leaking users’ email addresses to the likes of Facebook, Google, and Twitter through third-party advertisers, which allows those advertisers to more easily track users across the web and target them with ads, a new report claims.

Researcher Zach Edwards found many popular websites employ third-party analytics to advertise to users, but then end up inadvertently leaking those users’ email addresses to advertising and analytics companies, according to an extensive Medium post published on Wednesday.

Recommended Videos

Edwards found hundreds of millions of emails and real users could have been affected, and that this issue has apparently been ongoing for years.

In the case of Quibi, after a new user confirms their email address, the email is added to the webpage URL in plain text, Edwards wrote, and then shared with third-party advertisers.

He described the leaks as “a sloppy and dangerous growth hack,” and added that some of those breaches are still live.

Edwards said he had reached out to all the companies affected, and only three made efforts to plug the leak: Wish.com, Mailchimp, and the Washington Post.

In a statement to Digital Trends, JetBlue said: “The safety and security of our customers and their personal data is a priority and we take these concerns seriously. We will review the researcher’s findings to ensure we are respectful of our customers’ personal information and are in full compliance with the standards we have set.”

A spokesperson for Quibi claimed in an email to Digital Trends that the problem had already been fixed. “Data protection is essential to Quibi and the security of user information is of the highest priority,” the spokesperson said. “The moment the issue on our webpage was revealed to our security and engineering team, we fixed it immediately.”

Wish, also in an email, said that “data protection and user trust are a top priority,” and that after receiving “a report from a security researcher,” it had “promptly investigated” and made changes, including “additional use of encryption to further protect user email addresses.”

Wish also said Edwards’s Medium post was “off the mark,” and that the companies that received the data did so because they were Wish’s advertising and sales service providers, and that this was therefore not a breach.

Dr. Noah Johnson, co-founder and chief technology officer of data security startup Dasera, told Digital Trends he expects to see more cases like this in the future.

“Businesses have secured their infrastructure well from external hackers but not from the point of view of how they themselves use consumer data,” he said. “When thousands of insiders — analysts, data scientists, contractors — are using consumer data daily, there is always the chance that one instance of carelessness or malice can cause users to lose trust with your brand.”

Maya Shwayder
I'm a multimedia journalist currently based in New England. I previously worked for DW News/Deutsche Welle as an anchor and…
Apple might once again be considering a TV of its own
The Apple TV Siri Remote in hand.

Toward the end of the first decade of the 2000s, rumors swirled that Apple had its sights set on making a TV — a proper set, not a streaming device like what the Apple TV has become. Steve Jobs even claimed to have figured out exactly how to add the product to the company's portfolio, but the idea never came to fruition before his untimely passing. In today's Power On newsletter, Mark Gurman said that Apple "may even revisit the idea of making an Apple-branded TV set."

Gurman didn't mention details beyond that. In fact, the mention of the TV set came on the heels of a discussion around Apple's upcoming smart home device. Gurman's phrasing regarding the TV — "something [Apple] is evaluating" — is the key here. Gurman suggests that revisiting an Apple-branded TV might be dependent on the success of upcoming smart home devices, especially since HomeKit has been the least popular and least-supported platform of the three major choices.

Read more
The uncertain future cost of Apple’s Emergency SOS feature
Person holding iPhone 14 searching for Emergency SOS satellite.

It's been roughly two years since the launch of the iPhone 14 and its Emergency SOS via satellite feature. You might recall that during the first two years, Apple said it would be free to use but that it might require a subscription after that time, according to MacRumors. Last year, Apple extended the time limit by one more year, so you actually have until November 2025, when the trial period ends.

That's good news. The Emergency SOS feature is, quite literally, lifesaving. During April of this year, three university students lost their way in a canyon and used the feature to call for help. Another story arose in July where the feature came through once more in a moment of crisis. And if you keep digging, you'll find numerous other examples of how this tech is truly beneficial.

Read more
Apple’s smart home display already sounds like a convenience victory
Nest Hub Max

Over the past few weeks, rumors of Apple developing a smart display for home control have picked up pace. The company is said to be developing two versions, and one of them might even feature a robotic arm and revive an iconic Mac’s design. 

Now, Bloomberg has shared some juicy details about how the entry-level option will look and work. The device will offer a 6-inch screen with a square-ish format flanked by sensors, including a FaceTime camera in landscape orientation. 

Read more