eGov Magazine

Beware! Sarahah might be secretly uploading your phone contacts to the company’s servers

Sarahah, the popular anonymous feedback app has been secretly uploading user data on the company’s server, according to a report.

A senior security analyst Zachary Julian who works for IT security consulting firm Bishop Fox was the first to point out this behaviour.  He discovered the app uploading private information, using a monitoring software BURP Suite. And this was first reported by The Intercept.

According to report, the app takes a user’s data including phone numbers and email addresses stored in the device’s address book.  

Zain al-Abidin Tawfiq, the app’s founder, said that contact lists are being uploaded on the company’s server  “for a planned ‘find your friends’ feature”.  

However, the feature was “delayed due to a technical issue”.