Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

Dutch Government Pauses Coronavirus App Over Data Leak Fears

The Dutch government has temporarily disabled its coronavirus warning app amid data privacy concerns for people who have the app installed on phones using the Android operating system.

The Dutch government has temporarily disabled its coronavirus warning app amid data privacy concerns for people who have the app installed on phones using the Android operating system.

Health Minister Hugo de Jonge announced late Wednesday that the CoronaMelder app will stop sending warnings for 48 hours while the government checks if users’ data is secure.

The Dutch app uses “exposure notification” technology developed by Google and Apple that generates random codes that can be exchanged by phones whose users are close to one another for long enough to possibly transmit the virus.

The Dutch health ministry says that it is possible for other apps on Android phones to access data about whether its user’s had been infected and its contacts with other phones.

“The privacy of users is always a priority. While Google must solve the problem, I can limit the consequences. That’s why we’re taking this decision,” De Jonge said in a statement.

Most EU nations have designed contact tracing apps around the same technology, the European Commission said. The Commission said that it has informed controllers of national apps in the 27-nation EU “so that Member States take the necessary steps if necessary.”

According to the Dutch health ministry, Google informed the government Wednesday it has fixed the issue. The government halted messages from the app for 48 hours to check if the leak has been fixed.

In a statement emailed to The Associated Press, Google said it has been “rolling out a fix for an issue where random Bluetooth identifiers used by the Exposure Notification framework on Android were temporarily accessible to a limited number of pre-installed applications.”

Advertisement. Scroll to continue reading.

The tech giant said that the rollout began several weeks ago and it expects the fix “to be available to all Android users in the coming days.”

Google said that random Bluetooth identifiers “on their own have no practical value to bad actors, and it is extremely unlikely that developers of pre-installed apps were aware of the inadvertent availability of those identifiers.”

The company added that it has no indications that any data from coronavirus exposure apps was accessed inappropriately.

Related: Security, Privacy Issues Found in Tens of COVID-19 Contact Tracing Apps

Related: European Virus Tracing Apps Highlight Battle for Privacy

Related: COVID-19 Contact Tracing Apps: Effective Virus Risk Management Tools or Privacy Nightmare?

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Automated phishing protection and scam prevention company Bolster has appointed Rod Schultz as CEO.

Bugcrowd has appointed Trey Ford as Chief Information Security Officer for the Americas.

Tim McKnight has joined UnitedHealth Group as CISO following the Change Healthcare ransomware attack.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.