Privacy flaw found in fertility phone application

Glow says issue fixed, users should update

By Marilyn Moritz - Reporter

SAN ANTONIO - Consumer Reports recently tested the security and privacy features on a popular women’s health and fertility app called Glow.

The app is designed to help women track their monthly cycles and get pregnant. The app asks for very personal information, like how a woman sleeps, whether she uses birth control and even if she is constipated.

Consumer Reports discovered that people with little to no hacking skills could link their Glow account to another user’s account without the other person knowing it. Also, using common security software, Consumer Reports could see the personal data of any user who posted a message in the app’s forums.

In another test, Consumer Reports found it was fairly easy to change a user’s password and take over that person's account. In response, Glow said it has since fixed these security issues and added, "There is no evidence to suggest that any Glow data has been compromised.”

Glow said it has contacted all users to change their password, update the app and relink with their partner’s account.

UPDATE: Jennifer Tye, head of U.S. operations issued the following statement on Aug. 4.

We appreciate Consumer Reports bringing to our attention some possible vulnerabilities within our app. The industry only gets stronger with white hats who are looking to protect consumers. Once informed, our team immediately worked to address and correct the potential issues and have since released an updated version of the app. We also informed users via email to consider changing their password as an extra precaution. Of the more than 4 million users across our apps, far less than 0.15% of our users could have potentially been impacted, but there is no evidence to suggest that any Glow data has been compromised.

All Consumer Reports material copyright 2016 by Consumers Union of U.S. Inc. All rights reserved. Consumer Reports is published by Consumers Union. Both Consumer Reports and Consumers Union are not-for-profit organizations that accept no advertising. Neither has any commercial relationship with any advertiser or sponsor on this site.​