Bitcoin btc
$ usd

Ethical Hacker Shows Privacy Flaw in Venmo by Scraping Seven Million Users’ Transaction Data

2 mins
18 June 2019, 20:45 GMT+0000
Updated by Adam James
18 June 2019, 20:45 GMT+0000
A year ago, Paypal owned Venmo made news after a Mozilla fellow downloaded over 207 million transaction details. The same has now been done by a computer science student, Dan Salmon who was able to download seven million transaction details of Venmo users over a period of six months.
None of the two data breaches were done by black hat hackers. Rather, the breaches were carried out by ethical, or “white hat” hackers, in order to warn the company of underlying security issues. The amount of data scraped through hacking Venmo calls attention to how easy it is to obtain transaction data of Venmo users. It also serves as a reflection of the minimal efforts that the company has made towards data privacy since the first hack.

venmo app

Is Venmo Unconcerned?

The Venmo app today comes with a default setting that makes all transaction data publicly available. After the data scraping of over 207 million, Venmo did take a step to redefine some of its privacy guidelines. Soon after, however, when users started to switch their privacy settings from public to private, the company removed a warning from its app that prompted users to do so. What makes the public availability of Venmo’s transaction data worth the concern is that it clearly indicates the parties between whom the transaction has been done. It also sometimes prompts the purpose of the transaction.

Blockchain: Public Yet Secure Alternative to Venmo

If you compare the public availability of Venmo’s transaction data with that of blockchain transaction data, the one major difference is that the identity of the peers and purpose of the transactions is not compromised in the case of blockchain. It is actually the one most talked about feature of blockchain that all transactions on it are anonymous, and it’s next to impossible for anyone to scrape the data to find the people behind the transactions. Should Venmo consider using the blockchain technology for storing its transaction data? Let us know your thoughts in the comments below.


All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.