Indian Twitter-lookalike Koo app accused of exposing users’ personal data

Koo is an Indian microblogging platform similar to Twitter but in Indian languages.

Highlights
  • Koo is accused of exposing sensitive information like email ID, date of birth, name, marital status, and gender of the users
  • The app has recently gained attention after Twitter didn’t oblige to the government’s request to block some accounts
  • Koo app’s domain is registered in the US, while the registrant is based in China

Koo is a new Indian microblogging platform with Twitter-like experience in Indian languages. The app has been developed by Aprameya Radhakrishna, who is also the CEO of the platform, and was launched in March last year. However, noted French security researcher Robert Baptiste aka Elliot Alderson accuses the app of exposing users’ personal data. The security researcher claims that he spent 30 min on the Koo app on request of Twitter users and found that the app is exposing sensitive information like email ID, date of birth, name, marital status, and gender of the users. Koo has recently gained attention after Twitter didn’t oblige to government’s request to block some accounts related to the ongoing farmers’ protest. Koo app’s domain is registered in the US while the registrant based in China.

Koo app is being promoted by government officials including Union Minister Piyush Goyal, who recently asked users to join the app. The service is available on desktop, Android, and iOS and offers Twitter-like experience and has Indian language support. It also won the Indian government’s Digital India AatmaNirbhar Bharat Innovate Challenge last year, which was meant to encourage local app development. Koo app is said to be facing a huge demand at the moment and this is causing the app/ website to crash.

The app developers haven’t commented on the data leak allegations at the moment and we can only a hope a fix should be on its way. We will update once the company issues a statement regarding the allegations.