Clearview AI is widely seen as a privacy nightmare by the public and is even looked down on privacy-challenged tech giants like Google. Now, the company has shown that it can’t even take care of its own data, according to a report from TechCrunch. It managed to expose its source code to anyone with an internet connection due to a server misconfiguration, a flaw spotted by a security researcher at the Dubai-based firm SpiderSilk.
The repository held app source code that’s used to compile apps. The company also stored its Windows, Mac, iOS and Android apps on the server, including pre-release developer apps used for testing, according to SpiderSilk research chief Mossab Hussein. It also exposed Clearview’s Slack tokens which would let anyone access the company’s internal messages without a password.