- Alinity Divine is being investigated after throwing her cat during stream Today 12:04 PM
- ‘Comedians In Cars Getting Coffee’ returns with Seinfeld making a racist joke about China Today 10:26 AM
- YouTubers Eugenia Cooney and Shane Dawson make a joint comeback Today 9:06 AM
- The crushing effects of Trump’s abortion ‘gag rule’ on healthcare Today 8:00 AM
- How to live stream Pacquiao vs. Thurman Today 6:20 AM
- Review: Hulu with Live TV ensures you always have something to watch Today 6:00 AM
- How to live stream UFC on ESPN 4: Rafael dos Anjos vs. Leon Edwards Today 5:49 AM
- 2020 Democrats refuse to answer our questions about ‘Cats’ Friday 4:14 PM
- Belle Delphine’s Instagram account removed after mass reporting campaign Friday 4:08 PM
- Mariah Carey refuses old-age FaceApp challenge Friday 3:19 PM
- Journalists horrified by consolidation of Gatehouse, Gannett Friday 3:12 PM
- Facebook and Google could be tracking you on porn sites Friday 1:42 PM
- 7 best sites for psychic love readings Friday 1:20 PM
- Driver demonstrates why you always need to read road signs Friday 12:58 PM
- Area 51 remix video proves it’s the summer of Lil Nas X Friday 12:26 PM
Pokémon Go users aren’t alerted to all the Google data the app can access.
When they say you gotta catch ’em all, Pokémon Go‘s developers may have meant catching complete control of every user’s entire Google account—largely in secret, without letting users know up front exactly what the app can do.
Today’s most popular mobile game lets users login through their Google accounts, but it fails to specify how Pokémon Go and Niantic, the company that’s working with Nintendo to develop the game, are going to use that account. The answer, researcher Adam Reeve reported, is that Pokémon Go can do almost anything with your account.
The app can read your email, send email as you, access your Google Drive, read your Google Search and Maps history, and look at private photos. All of that comes without any specific notification to you about how much of your data they’re opening up.
Furthermore, a users’ Google’s Connected Apps page doesn’t list Pokémon Go, so users can’t figure it out through that avenue either.
“Now, I obviously don’t think Niantic are planning some global personal information heist,” Reeve wrote. “This is probably just the result of epic carelessness. But I don’t know anything about Niantic’s security policies.”
Niantic Labs was owned by Google until late 2015.
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.