A new sophisticated phishing-as-a-service (PhaaS) platform called Lucid has targeted 169 entities in 88 countries using smishing messages propagated via Apple iMessage and Rich Communication Services (RCS) for Android.
Lucid's unique selling point lies in its weaponizing of legitimate communication platforms to sidestep traditional SMS-based detection mechanisms.
"Its scalable,

Lucid PhaaS Hits 169 Targets in 88 Countries Using iMessage and RCS Smishing

A number of specialized dating apps leaked the--not so--secret storage location of 1.5 Million more or less explicit images

A researcher found millions of pictures from specialized dating apps for iOS stored online without any kind of password protection.

The pictures, some of which are explicit, stem from dating apps that all have a specific audience. The five platforms, all developed by M.A.D. Mobile are kink sites BDSM People and Chica, and LGBTQ+ apps Pink, Brish, and Translove.

As we reported not too long ago, many iOS apps leak at least one hard coded secret. We consider hard coded secrets in the source code of the apps as exposed because they are relatively easy to find and abuse by cybercriminals. And those secrets can have serious consequences for the apps’ users

Cybernews’ Aras Nazarovas found the storage location (a Google Cloud Storage bucket) used by the apps by reverse engineering the code. To his surprise, he could access the unencrypted and otherwise unprotected photos without needing any password.

As soon as he saw the first image, he knew this storage should not have been public. Not only did it contain profile pictures, it also included pictures sent in private messages, including some removed by moderators.

In total, nearly 1.5 million user-uploaded images were available to anyone stumbling over the storage bucket. Although the images are not linked to any user accounts or other private information, it is not unthinkable that cybercriminals could figure out some of the identities by using commonly available face search engines.

Many of these search engines use Artificial Intelligence (AI) for facial recognition combined with reverse image search technology to find other photos of a person published online, based on a picture submitted by the user.

Although officially intended only for self-searches, many of them don’t bother to check whether that’s actually the case.

Coupled to the identity of the person in the picture, these images could expose users to extortion, as well as an increased risk of hostility. As if online dating isn’t nervewracking enough, especially for those looking in special categories, the last we need is to see our explicit images exposed.

M.A.D Mobile was warned about the leak in January, but didn’t take any action to protect the storage until the BBC contacted the company on Friday. The issue has now been fixed.

It’s important to stipulate that the apps are exclusive to iOS and do not have Android or web alternatives.

If you want to find out what personal data of yours has been exposed online, you can use our free Digital Footprint scan. Fill in the email address you’re curious about (it’s best to submit the one you most frequently use) and we’ll send you a free report.

 Intimate images from kink and LGBTQ+ dating apps left exposed online 

Cybersecurity researchers have discovered a new Android banking malware called Crocodilus that's primarily designed to target users in Spain and Turkey.
"Crocodilus enters the scene not as a simple clone, but as a fully-fledged threat from the outset, equipped with modern techniques such as remote control, black screen overlays, and advanced data harvesting via accessibility logging,"

New Android Trojan Crocodilus Abuses Accessibility to Steal Banking and Crypto Credentials

An Android malware family previously observed targeting Indian military personnel has been linked to a new campaign likely aimed at users in Taiwan under the guise of chat apps.
"PJobRAT can steal SMS messages, phone contacts, device and app information, documents, and media files from infected Android devices," Sophos security researcher Pankaj Kohli said in a Thursday analysis.
PJobRAT, first

PJobRAT Malware Campaign Targeted Taiwanese Users via Fake Chat Apps

Is moving from WhatApp to Signal a good idea? We look at the pros and cons, and which settings can make Signal even more private.

This week we learned that the US Government uses Signal for communication, after a journalist was accidentally added to a Signal chat.

Accidental additions of people aside, the news has got regular folks asking if they should, too, be using Signal for private communications.

Probably the largest alternative to Signal, WhatsApp is owned by Meta, and has faced criticism for its data-sharing practices. But is switching to Signal truly an improvement? Let’s explore the differences between these apps and whether the move would be justified.

Both WhatsApp and Signal offer end-to-end encryption, ensuring that only the sender and recipient can read messages. But the difference is that Signal employs “Sealed Sender,” a feature that hides metadata even from itself, whereas WhatsApp collects metadata such as phone numbers, IP addresses, and device information, which it shares with Meta and third parties.

As president of Signal Meredith Whittaker said in a statement to Dutch website Security.nl:

> “WhatsApp collects and shares, when required, large amounts of private information that is not encrypted, like your profile picture, your location, your contacts, when you send a message, when you stop, who’s in your group chats, and so on.”

Signal collects minimal data, but it’s run by the non-profit Signal Foundation, which operates free from commercial interests. Signal’s open-source code allows for public scrutiny of its security claims, which is a transparency WhatsApp lacks.

Where Signal adds privacy-focused features such as call relay (to hide IP addresses), self-destructing messages, and customizable notification settings, WhatsApp provides more social features like status updates.

Switching to Signal is justified if privacy is your top priority. Its minimal data collection, transparency, and advanced security features make it superior to WhatsApp in protecting user information. However, for those who rely on WhatsApp’s massive user base or social features, the transition might be less convenient.

There is no inter-compatibility, so all participants in a conversation need to use the same app. Meaning that one of the few things holding many users back from switching from WhatsApp to Signal is leaving contacts behind that are not willing to move over.

Obviously, the decision is yours and depends on your personal priorities: privacy versus convenience.

To fully benefit from Signal’s privacy capabilities, users should enable the following features:

*   **Disappearing messages**:
    *   Open a chat in Signal.
    *   Tap the three dots or profile icon to enter chat settings.
    *   Select “Disappearing Messages” and set a timer (e.g., five minutes or one week). This ensures messages are automatically deleted after the specified time.
*   **Screen lock**:
    *   Go to Signal settings by tapping your profile avatar.
    *   Navigate to “Privacy.”
    *   Enable “Screen Lock” to require biometric authentication or a PIN to access the app.
*   **Relay calls**:
    *   Under “Privacy” settings, activate “Always Relay Calls.” This routes calls through Signal servers to hide your IP address from contacts.
*   **Incognito keyboard** (Android only):
    *   In “Privacy” settings, enable “Incognito Keyboard” to prevent your keyboard from sending typing data to third-party servers.
*   **Screen security**:
    *   For Android: Enable “Screen Security” to block screenshots within the app.
    *   For iPhone: Turn on “Enable Screen Security” to prevent app previews in multitasking mode.
*   **Registration lock**:
    *   Activate this feature in “Privacy” settings to require a PIN for re-registering your account on new devices.

By enabling these features, users can ensure their conversations remain private and secure.

Another important tip is to check **Group chat members**. Before you send messages to a group, check who can read them: Open your group chat and tap on the group name to view chat settings. Scroll to the Members list and tap “View all members” to see the full list of group members.

**We don’t just report on phone security—we provide it**

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.

 Moving from WhatsApp to Signal: A good idea? 

An advanced persistent threat (APT) group with ties to Pakistan has been attributed to the creation of a fake website masquerading as India's public sector postal system as part of a campaign designed to infect both Windows and Android users in the country.
Cybersecurity company CYFIRMA has attributed the campaign with medium confidence to a threat actor called APT36, which is also known as

APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware

Cybersecurity threats are evolving at an unprecedented pace, leaving organizations vulnerable to large-scale attacks. Security breaches and data…

Cybersecurity threats are evolving at an unprecedented pace, leaving organizations vulnerable to large-scale attacks. **Security breaches** and data leaks can have severe financial and reputational consequences. To tackle these risks, businesses must adopt a proactive approach to security that doesn’t just react to threats but actively anticipates and mitigates them. 

This is where **pentesting services** come into play. Unlike automated vulnerability scans, penetration testing involves simulating real-world attacks to uncover security gaps before malicious actors can exploit them. Organizations across industries rely on pentesting to strengthen their defenses, meet compliance requirements, and validate security controls against evolving threats.

This article explores the most relevant penetration testing services, their role in cybersecurity, and how businesses can leverage them to enhance security resilience. From network and application testing to red teaming and cloud security assessments, understanding these services is essential for organizations looking to stay ahead of cyber threats.

****The Role of Penetration Testing in Cybersecurity****

Penetration testing (**pentesting**) is a controlled security assessment that mimics real-world cyberattacks to identify and address vulnerabilities before attackers can exploit them. Unlike traditional security measures that rely on firewalls, antivirus software, and automated scanners, pentesting provides a hands-on evaluation of an organization’s security posture. It helps detect misconfigurations, weak authentication mechanisms, and exploitable flaws that may go unnoticed in routine security checks.

The primary goal of penetration testing is to reduce the attack surface by uncovering security gaps across networks, applications, APIs, and cloud environments. This proactive approach not only strengthens defenses but also ensures compliance with security standards like **PCI DSS, ISO 27001**, and **HIPAA**. Organizations that integrate regular pentesting into their security strategy are better equipped to handle emerging threats and minimize the risk of costly breaches.

However, a common misconception is that penetration testing is just an advanced form of vulnerability scanning. While automated scanners can detect known issues, they cannot analyze complex attack chains, logic flaws, and business logic vulnerabilities. Skilled penetration testers use a combination of manual techniques, custom exploits, and real-world attack scenarios to simulate how an adversary would attempt to compromise a system. This makes penetration testing an essential component of a robust security program.

****Key Types of Penetration Testing Services****

Not all security risks are the same, and different environments require specialized testing approaches. Below are the most relevant penetration testing services, each addressing specific attack surfaces and security concerns.

****Network Penetration Testing****

A core component of security assessments, network penetration testing focuses on identifying vulnerabilities in both external and internal network infrastructure. This involves testing firewalls, routers, VPNs, and other network devices for misconfigurations, outdated protocols, and weak authentication mechanisms.

Common threats mitigated by network pentesting include:

*   Open ports and exposed services provide an entry point for attackers.

*   Weak encryption can be exploited for data interception and manipulation.

*   Misconfigured access controls that allow unauthorized access to sensitive systems.

Network penetration testing is particularly relevant for enterprises, cloud service providers, and organizations handling sensitive data across distributed networks.

****Web Application Penetration Testing****

Web applications are prime targets for cyberattacks due to their accessibility and integration with critical business operations. This form of pentesting evaluates applications against vulnerabilities outlined in the OWASP Top 10, such as:

*   **SQL Injection (SQLi):** Exploiting database queries to extract sensitive data.

*   **Cross-Site Scripting (XSS):** Injecting malicious scripts to hijack user sessions.

*   **Broken Authentication:** Weak login mechanisms that allow unauthorized access.

SaaS providers, fintech companies, and e-commerce platforms rely on web application pentesting to secure customer transactions, APIs, and user authentication mechanisms.

**Mobile Application Penetration Testing**

With mobile apps handling sensitive financial, healthcare, and personal data, securing them is critical. Mobile application penetration testing assesses both iOS and Android apps for risks such as:

*   **Insecure data storage** that exposes sensitive user information.

*   **Weak API security,** leading to unauthorized access or data leaks.

*   **Reverse engineering risks** where attackers decompile apps to extract secrets.

Pentesters analyze app permissions, encryption mechanisms, and backend API security to ensure mobile applications comply with industry best practices and regulatory standards.

****Cloud Penetration Testing****

Cloud security introduces unique challenges, including misconfigured storage services, excessive permissions, and insecure **API endpoints**. Cloud penetration testing assesses environments like AWS, Azure, and Google Cloud for:

*   **Publicly exposed assets** such as S3 buckets or storage blobs.

*   **Identity and Access Management (IAM) misconfigurations** leading to privilege escalation.

*   **Insecure APIs and serverless functions** that could be exploited.

Given the widespread adoption of cloud services, cloud pentesting is critical for organizations leveraging SaaS platforms, multi-cloud environments, and **DevOps workflows**.

**API Penetration Testing**

APIs serve as the backbone of modern applications, yet they are often overlooked in security assessments. API penetration testing targets vulnerabilities like:

*   **Broken authentication and authorization** that allow unauthorized access to critical services.

*   **Rate limiting bypasses** enabling brute-force attacks or data scraping.

*   **Data exposure** due to improper input validation and misconfigured responses.

API pentesting is especially relevant for fintech, healthcare, and logistics platforms that rely on secure data exchange.

**IoT Penetration Testing**

The increasing adoption of IoT devices introduces significant security risks, from industrial control systems to smart home devices. IoT penetration testing identifies weaknesses such as:

*   **Default credentials** that attackers exploit to gain control.

*   **Lack of encryption,** exposing communication channels to interception.

*   **Unpatched firmware vulnerabilities,** leaving devices open to exploitation.

Industries like healthcare, automotive, and industrial automation require IoT pentesting to safeguard connected devices and prevent large-scale cyber incidents.

**Red Team Assessments**

Unlike traditional pentesting, **red team** assessments simulate full-scale attacks to test an organization’s detection and response capabilities. These engagements go beyond vulnerability discovery to mimic advanced persistent threats (APTs) and real-world adversary tactics.

Key attack vectors in red team assessments include:

*   **Physical security bypass,** such as tailgating into restricted areas.

*   **Social engineering** to manipulate employees into disclosing credentials.

*   **Persistence mechanisms** to maintain undetected access over extended periods.

Red teaming is essential for large enterprises, government agencies, and critical infrastructure operators looking to validate their security resilience against sophisticated attacks.

****Choosing the Right Penetration Testing Service****

Selecting the right penetration testing service depends on business impact, regulatory requirements, and infrastructure. Security assessments must be tailored to provide actionable insights rather than generic findings.

****Key Considerations****

*   **Business Impact:** Identifying critical assets that require testing, such as customer data or financial transactions.

*   **Regulatory Compliance:** Industries like finance and healthcare must meet PCI DSS, ISO 27001, HIPAA, and SOC 2 standards.

*   **Infrastructure Type:** Cloud-native environments require different security tests than on-premises systems or API-heavy platforms.

*   **Security Maturity:** Organizations with mature security defenses may benefit from red team assessments, while those with fewer controls should start with network and application pentesting.

****Compliance vs. Risk-Driven Testing****

*   **Compliance-driven:** Focuses on meeting security mandates but may have a limited scope.

*   **Risk-driven:** Simulates real-world attack scenarios beyond compliance checklists.

****The Need for Recurring Assessments****

Cyber threats evolve, making regular pentesting (quarterly or annually) essential. Organizations integrating security into **DevSecOps detect vulnerabilities** early, reducing risks proactively rather than reactively.

****Conclusion****

Penetration testing is essential for identifying vulnerabilities before attackers exploit them. Unlike automated scans, pentesting services simulate real-world threats, strengthening defenses and ensuring compliance.

Choosing the right service, whether network, application, cloud, or red teaming, depends on risk exposure and industry standards. Security isn’t a one-time effort; regular testing and DevSecOps integration help organizations stay alert against increasing cybersecurity threats.

Penetration Testing Services: Strengthening Cybersecurity Against Evolving Threats

The Trump cabinet’s shocking leak of its plans to bomb Yemen raises myriad confidentiality and legal issues. The security of the encrypted messaging app Signal is not one of them.

The eye-popping scandal surrounding the Trump cabinet’s accidental invitation to The Atlantic’s editor in chief to join a text-message group secretly planning a bombing in Yemen has rolled into its third day, and that controversy now has a name: SignalGate, a reference to the fact that the conversation took place on the end-to-end encrypted free messaging tool Signal.

As that name becomes a shorthand for the biggest public blunder of the second Trump administration to date, however, security and privacy experts who have promoted Signal as the best encrypted messaging tool available to the public want to be clear about one thing: SignalGate is not about Signal.

Since The Atlantic’s editor, Jeffrey Goldberg, revealed Monday that he was mistakenly included in a Signal group chat earlier this month created to plan US airstrikes against the Houthi rebels in Yemen, the reaction from the Trump cabinet’s critics and even the administration itself has in some cases seemed to cast blame on Signal for the security breach. Some commentators have pointed to reports last month of Signal-targeted phishing by Russian spies. National security adviser Michael Waltz, who reportedly invited Goldberg to the Signal group chat, has even suggested that Goldberg may have hacked into it.

On Wednesday afternoon, even President Donald Trump suggested Signal was somehow responsible for the group chat fiasco. “I don't know that Signal works,” Trump told reporters at the White House. “I think Signal could be defective, to be honest with you.”

The real lesson is much simpler, says Kenn White, a security and cryptography researcher who has conducted audits on widely used encryption tools in the past as the director of the Open Crypto Audit Project: Don’t invite untrusted contacts into your Signal group chat. And if you’re a government official working with highly sensitive or classified information, use the encrypted communication tools that run on restricted, often air-gapped devices intended for a top-secret setting rather than the unauthorized devices that can run publicly available apps like Signal.

“Unequivocally, no blame in this falls on Signal,” says White. “Signal is a communication tool designed for confidential conversations. If someone's brought into a conversation who’s not meant to be part of it, that's not a technology problem. That's an operator issue.”

Cryptographer Matt Green, a professor of computer science at Johns Hopkins University, puts it more simply. “Signal is a tool. If you misuse a tool, bad things are going to happen,” says Green. “If you hit yourself in the face with a hammer, it’s not the hammer’s fault. It’s really on you to make sure you know who you’re talking to.”

The only sense in which SignalGate _is_ a Signal-related scandal, White adds, is that the use of Signal suggests that the cabinet-level officials involved in the Houthi bombing plans, including secretary of defense Pete Hegseth and director of national intelligence Tulsi Gabbard, were conducting the conversation on internet-connected devices—possibly even including personal ones—since Signal wouldn’t typically be allowed on the official, highly restricted machines intended for such conversations. “In past administrations, at least, that would be absolutely forbidden, especially for classified communications,” says White.

Indeed, using Signal on internet-connected commercial devices doesn’t just leave communications open to anyone who can somehow exploit a hackable vulnerability in Signal, but anyone who can hack the iOS, Android, Windows, or Mac devices that might be running the Signal mobile or desktop apps.

This is why US agencies in general, and the Department of Defense in particular, conduct business on specially managed federal devices that are specially provisioned to control what software is installed and which features are available. Whether the cabinet members had conducted the discussion on Signal or another consumer platform, the core issue was communicating about incredibly high-stakes, secret military operations using inappropriate devices or software.

One of the most straightforward reasons that communication apps like Signal and WhatsApp are not suitable for classified government work is that they offer “disappearing message” features—mechanisms to automatically delete messages after a preset amount of time—that are incompatible with federal record retention laws. This issue was on full display in the principals’ chat about the impending strike on Yemen, which was originally set for one-week auto-delete before the Michael Waltz account changed the timer to four-week auto-delete, according to screenshots of the chat published by The Atlantic on Wednesday. Had The Atlantic’s Goldberg not been mistakenly included in the chat, its contents might not have been preserved in accordance with long-standing government requirements.

In congressional testimony on Wednesday, US director of national intelligence Tulsi Gabbard said that Signal can come preinstalled on government devices. Multiple sources tell WIRED that this is not the norm, though, and noted specifically that downloading consumer apps like Signal to Defense Department devices is highly restricted and often banned. The fact that Hegseth, the defense secretary, participated in the chat indicates that he either obtained an extremely unusual waiver to install Signal on a department device, bypassed the standard process for seeking such a waiver, or was using a non-DOD device for the chat. According to political consultant and podcaster FP Wellman, DOD “political appointees” demanded that Signal be installed on their government devices last month.

Core to the Trump administration’s defense of the behavior is the claim that no classified material was discussed in the Signal chat. In particular, Gabbard and others have noted that Hegseth himself is the classification authority for the information. Multiple sources tell WIRED, though, that this authority does not make a consumer application the right forum for such a discussion.

“The way this was being communicated, the conversation had no formal designation like 'for official use only' or something. But whether it should have been classified or not, whatever it was, it was obviously sensitive operational information that no soldier or officer would be expected to release to the public—but they had added a member of the media into the chat,” says Andy Jabbour, a US Army veteran and founder of the domestic security risk-management firm Gate 15.

Jabbour adds that military personnel undergo annual information awareness and security training to reinforce operating procedures for handling all levels of nonpublic information. Multiple sources emphasize to WIRED that while the information in the Yemen strike chat appears to meet the standard for classification, even nonclassified material can be extremely sensitive and is typically carefully protected.

“Putting aside for a moment that classified information should never be discussed over an unclassified system, it’s also just mind-boggling to me that all of these senior folks who were on this line and nobody bothered to even check, security hygiene 101, who are all the names? Who are they?” US senator Mark Warner, a Virginia Democrat, said during Tuesday’s Senate Intelligence Committee hearing.

According to The Atlantic, 12 Trump administration officials were in the Signal group chat, including vice president JD Vance, secretary of state Marco Rubio, and Trump adviser Susie Wiles. Jabbour adds that even with ​​decisionmaking authorities present and participating in a communication, establishing an information designation or declassifying information happens through an established, proactive process. As he puts it, “If you spill milk on the floor, you can’t just say, ‘That’s actually not spilled milk, because I intended to spill it.’”

All of which is to say, SignalGate raises plenty of security, privacy, and legal issues. But the security of Signal itself is not one of them. Despite that, in the wake of The Atlantic’s story on Monday, some have sought tenuous connections between the Trump cabinet’s security breach and Signal vulnerabilities. On Tuesday, for example, a Pentagon adviser echoed a report from Google’s security researchers, who alerted Signal earlier this year to a phishing technique that Russian military intelligence used to target the app’s users in Ukraine. But Signal pushed out an update to make that tactic—which tricks users into adding a hacker as a secondary device on their account—far harder to pull off, and the same tactic also targeted some accounts on the messaging services WhatsApp and Telegram.

“Phishing attacks against people using popular applications and websites are a fact of life on the internet,” Signal spokesperson Jun Harada tells WIRED. “Once we learned that Signal users were being targeted, and how they were being targeted, we introduced additional safeguards and in-app warnings to help protect people from falling victim to phishing attacks. This work was completed months ago."

In fact, says White, the cryptography researcher, if the Trump administration is going to put secret communications at risk by discussing war plans on unapproved commercial devices and freely available messaging apps, they could have done much worse than to choose Signal for those conversations, given its reputation and track record among security experts.

“Signal is the consensus recommendation for highly at-risk communities—human rights activists, attorneys, and confidential sources for journalists,” says White. Just not, as this week has made clear, executive branch officials planning airstrikes.

_Updated at 5:50 pm ET, March 25, 2025: Added remarks about Signal by President Trump._

SignalGate Isn’t About Signal

McAfee Labs reveals new Android malware exploiting .NET MAUI to steal user data. Learn about advanced evasion techniques and how to stay protected.

McAfee Labs has revealed that cybercriminals are exploiting Microsoft’s newly introduced .NET MAUI app development tool to spread Android malware with cross-platform capabilities.

The McAfee Mobile Research Team discovered that this development framework, meant to replace Xamarin and expand beyond mobile platforms, is now being abused to disguise malicious code within seemingly legitimate applications, and primary targets are Android users.

Unlike traditional Android malware, which relies on DEX files or native libraries, these threats store their core functionalities as blob binaries within assemblies. This method effectively bypasses many antivirus solutions that primarily focus on analysing conventional Android app components.

The second example, a fake social networking application, targeted Chinese-speaking users, attempting to steal contacts, SMS messages, and photos. This malware employed multi-stage dynamic loading, which entails encrypting and loading DEX files in three separate stages to obscure its malicious payload.

Fake app’s screen and the fake X app (Source: McAfee Labs)

Additionally, the malware manipulated the AndroidManifest.xml file by adding an excessive number of meaningless permissions, disrupting analysis tools. It also utilized encrypted TCP socket communication to evade network traffic interception.

McAfee Labs also observed that the threat actors diversified their themes, distributing fake dating apps with similar structures and functionalities, indicating a widespread campaign.

“These apps had different background images but shared the same structure and functionality, indicating that they were likely created by the same developer as the fake X app,” researchers noted in their report.

The rise of .NET MAUI-based malware and the adoption of new evasion techniques, including hiding code blobs within assemblies, multi-stage dynamic loading, and encrypted communication, shows a concerning trend that needs immediate addressing by the cybersecurity community.

To stay safe, please exercise caution when downloading applications from unofficial sources, particularly in regions with limited access to official app stores, such as China. “Staying vigilant and ensuring that security measures are in place can help protect against emerging threats,” McAfee researchers concluded.

Featured/Top Image by iXimus from Pixabay

Hackers Are Using Microsoft’s .NET MAUI to Spread Android Malware

Google has admitted it accidentally deleted some Maps Timeline user data after what it calls a "technical issue".

Google has admitted it accidentally deleted some users’ Google Maps Timeline data after a “technical issue”.

As reported by Forbes on March 11, users started noticing that their Google Maps Timelines had completely disappeared. At the time, we didn’t know anything about the cause of this issue.

However, now we do, after some of the impacted users received a email from Google on March 21. Not with an apology, mind you, but with an explanation.

Google wrote that it had:

> “Briefly experienced a technical issue that caused the deletion of Timeline data for some people. If you have encrypted backups enabled, you may be able to restore your data.”

If you’re among those affected and you did have backups enabled, here’s how you can attempt to restore your data:

*   Make sure you have the latest version of the Google Maps app installed on your device.
*   Open Google Maps, tap on your profile picture in the top right corner, and select **Your Timeline**.
*   Look for a cloud icon at the top of the Timeline screen and tap it. Choose a backup to import your data.

This doesn’t seem to work for everyone though, with some users commenting that this method didn’t work for them.

If you didn’t have backups enabled, it might not be possible to recover your lost Timeline data.

**Planned deletion**

For those interested in keeping their Timeline, bear in mind that if you don’t take action soon, your visits and routes might be erased, and your Timeline settings disabled. Earlier this month, Google announced that it will begin deleting the last three months of Timeline data unless you take action to back it up, as part of a roll out of significant changes to Maps Timeline.

After you receive the notification from Google, you have about six months to save or transfer your Timeline data before deletion takes place. The sender of the email is “Google Location History,” with the subject line: “Keep your Timeline? Decide by \[date\].”

When you get the prompt, follow the instructions on how to adjust your settings on your device. If you don’t, your visits and routes will be erased, and your Timeline settings will be disabled.

**How to back up your Google Maps Timeline data**

Here’s how back up your Timeline data to prevent any future losses, and help preserve your data during the planned deletion:

*   Open the Google Maps app.
*   Tap your profile picture, then **Your Timeline**.
*   At the top right, tap the cloud icon.
*   If auto-delete is turned on, turn it off.
*   On the Backup screen, turn on **Backup**.

**We don’t just report on phone security—we provide it**

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.

Tag

#android