According to Reddit user jolioshmolio, Hong Kong-based sex toy company Lovense’s remote control vibrator app (Lovense Remote) recorded a use session without their knowledge. “An audio file lasting six minutes was stored in the app’s local folder,” reports The Verge. “The user says he or she gave the app access to the mic and camera but only to use with the in-app chat function and to send voice clips on command — not constant recording when in use.” The app’s behavior appears to be widespread as several others confirmed it too. From the report: A user claiming to represent Lovense responded and called this recording a “minor bug” that only affects Android users. Lovense also says no information or data was sent to the company’s servers, and that this audio file exists only temporarily. An update issued today should fix the bug. This isn’t Lovense’s first security flub. Earlier this year, a butt plug made by the company — the Hush — was also found to be hackable. In the butt plug’s case, the vulnerability had to do with Bluetooth, as opposed to the company spying on users.
Read more of this story at Slashdot.