The details provided by Angry Birds users upon registration may end up in the hands of a number of ad platforms and companies, data security firm FireEye claims. Rovio, the creator of the mobile game hit Angry Birds, has continued its co-operation with an ad platform believed to have been hacked by the British intelligence agency, data security firm FireEye reveals in its blog.

The Guardian reported in January, citing documents provided by Edward Snowden, that the Government Communications Headquarters (GCHQ) can snatch user data through ad platforms, prompting the Finnish game studio to pledge that it would re-consider its co-operation with Millennial Media, an ad platform identified in the report. At the time, Rovio also denied having had any previous knowledge of the alleged links between ad platforms and intelligence agencies.

“In order to protect our end users, we will […] have to re-evaluate working with these networks,” Mikael Hed, the CEO at Rovio, asserted in a bulletin.

Yet, the most recent version of Angry Birds, launched on Google Play in early March, continues to collect personal information about its users, FireEye reports. The details provided by the users upon registration may ultimately end up in the hands of several ad platforms and companies, including Angry Birds Cloud, the ad mediation network Burstly, and ad platforms Jumptap and Millennial Media.

The details shared include age, gender, Android user ID, device information and in some cases the IP address.

In January last year, Rovio had an estimated 263 active users worldwide.

Having analysed the code paths, researchers at FireEye discovered that the personal information collected by Angry Birds is aggregated with the accounts of the users. The details are then collected and stored in a cloud service by Burstly, and thereon accessed by third-party ad platforms.

The fact that the shared details are not encrypted is a data security risk in itself, making users particularly vulnerable to attacks by hackers.

“The sharing of user data ‘in clear text’ – without encryption – is the ideal profiling tool from the viewpoint of cyber-attackers,” highlights Jari Salomaa, a director of product management at FireEye, in an e-mail to Helsingin Sanomat.

“By knowing details about the users, you can specifically target certain people, networks, companies or groups,” Salomaa adds.

Helsingin Sanomat was on Saturday unable to reach a spokesperson at Rovio for a comment.

Laura Halminen – HS
Aleksi Teivainen – HT
Photo: Heikki Saukkomaa / Lehtikuva