Lifeprint Privacy Breach Exposes 2M Photos and User Data
A privacy breach at Lifeprint, a popular portable photo printer system, has exposed over 2 million private photos and user information. The leak, caused by a misconfigured storage bucket, has raised serious concerns about the security of Internet of Things (IoT) devices. Lifeprint, produced by C+A Global, allows users to send images and GIFs directly from a smartphone to a connected device or a friend's printer through an iOS or Android app on the app store. However, a misconfiguration has led to a significant data leak. The exposed data includes usernames, email addresses, and print statistics for over 100,000 users, with metadata indicating that the community has printed more than 1.6 million photos. Moreover, multiple versions of Lifeprint's firmware were also exposed, including a private encryption key in plain text, used to sign firmware updates. This could potentially allow attackers to create malicious firmware and distribute it as a legitimate update, hijacking printers or folding them into botnets. Cybernews researchers first detected the leak in late July 2025, but as of now, Lifeprint's parent company has not issued an official statement or responded to inquiries. The leak is described as a 'textbook example of what not to do with IoT infrastructure'. The Android version of the Lifeprint app has been downloaded more than 100,000 times on Google Play, indicating a large user base potentially affected. For Lifeprint users, the consequences could include identity theft, harassment, doxxing, blackmail, extortion, or public embarrassment if intimate images were exposed. The Lifeprint data leak underscores the importance of robust security measures for IoT devices. With no official response from C+A Global yet, users are advised to be vigilant and consider the potential implications of their exposed data. Further details are awaited from the company.
Read also:
- Pablo Escobar's Former Estate 'Hacienda Nápoles' to Be Transformed by Women's Organization
- Emergency services of the future revealed by Renault with the introduction of the Vision 4Rescue vehicle.
- SonicWall executive Michael Crean discusses the current state of managed security
- Companies exercise prudence towards AI adoption, ensuring secure implementation: Exploring safeguards and strategies.
