Over the last week, British music-streaming app Last.fm suffered the leakage of several admin password credentials. The bug has been fixed but it posed an immense threat to all the users of Last.fm of having their personal data exposed.
The cause for this leakage, as discovered by security researchers Sebastien Kaul and Bob Diachenko, was a web app running in debug mode in the background.
According to the researchers, a web app, when running in debug mode, exposes data, which should always be hidden from the public eye. This helps the developers to make any kind of changes or developments that they need to do on the web app. But such data leakage also makes it easier for cyber attackers to exploit these private data and harass each and every user of Last.fm. But according to the latest update from Last.fm and CBS, this issue has been resolved.