According to security researchers, two apps made by Chinese tech giant Baidu were leaking sensitive user data that left millions vulnerable to surveillance or cybercrime. The two apps are known to be Baidu Maps and the Baidu App, both of which were removed from the Google Play store last month after researchers disclosed privacy issues in the software. Baidu Maps is still offline while Baidu App is available again after being updated. The apps have roughly 6 million users in the US alone, as well as hundreds of millions more globally.
Researchers at Palo Alto Networks found that the apps were leaking sensitive data from phones that consequently left those who downloaded the apps vulnerable to persistent surveillance. The leaked data allowed for adversaries to track users, according to Palo Alto researchers. Although the group only investigated the app available through Google Play, it is possible that all versions across the world were affected.