Pokémon Go is taking over, and it has not even been one month since its launch. Users are signing in from all around the world to play. More than 21+ million unique users sign in every day in the United States alone – and that number is continuing to rise. With a large amount of users, Pokémon Go needs to prove that it can protect all of the data it receives from users.
The Google Controversy
When Pokémon Go was first released on July 6, 2016, users could either make an account or they could sign in with their Google account. During this time until the first update was released, users who signed in with their Google accounts were at a very high risk of having their personal data compromised through the platform.
Pokémon Go has since updated its security prompts and Google has updated its allowed data use permission. But, this raises some questions regarding the quality of the data security in place currently.
Do not be fooled by the applications on the app stores on smartphones. There are plenty of apps which are trying to mimic Pokémon Go. The goal of the look-a-like apps are for users to allow access to their accounts, such as Google or Facebook, which provided personal information. This personal information can then be used in malicious ways. If you are playing Pokémon Go, then there is only one app for the game. Do not be fooled into downloading dangerous look-a-like apps.
Declassifying the Classified
Not everybody should be playing Pokémon Go. If you are in a professional position which requires some sort of security clearance, and you travel to secure locations, then the app should not be on your personal device which travels with you. Beyond geolocation alone, the game is constantly feeding and pulling data to and from your personal device. Although it may not be as dangerous as we might think, it would be ignorant to ignore the risks. Nothing is more important than public safety, sorry Pokémon.
Since the launch of Pokémon Go, there have been several cyberattacks. Most are minor, and pose a low security risk to game players, but should be mentioned. For example, there have been several Distributed Denial of Service (DDoS) attacks, which are designed to flood servers, often with some sort of Trojan being the root cause.
There is currently a group, PoodleCorp, that takes pride in creating internet and data chaos by initializing these attacks, and others similar to them. They are currently planning an attack on August 1st, 2016 that will shut down the game for an entire day. This attack will supposedly use over 600,000 devices to flood the servers of Pokémon Go, thus disrupting gameplay all around the world.
Although these attacks are not necessarily dangerous, it does reveal one important characteristic we must not overlook – security weakness. Pokémon Go is still young, and they are weak in the realm of cyber security. Over time, the app needs to continue to improve cyber and data security measures to further protect users around the world. Pokémon Go has too much data being used daily to risk any sort of compromise.