Shutterstock 1007319601 Compressor Esm W900

This should come as no surprise, but it still sucks big-time: thousands of people who downloaded a random, very popular app called WiFi Finder found that it got handsy with users’ own home Wi-Fi, uploading their network passwords to a database full of 2 million passwords that was found exposed and unprotected online.

The leaked database was discovered by Sanyam Jain, a security researcher and a member of the GDI Foundation who reported his find to TechCrunch. Jain and TechCrunch’s Zack Whittaker spent more than two weeks fruitlessly trying to contact the developer, who they believe is based in China.

The link for this article located at NakedSecurity is no longer available.