Yo Hacked, Hires One of Its Hackers

The popular app, Yo, has been hacked

Yo Has Been Hacked

You might think that an app that doesn’t require any of its users’ personal information would be left alone by hackers.

You’d be wrong.

Yo Hacked

Yo Has Been Hacked

Popular Texting Service, Yo, Hacked

The popular texting service, Yo, which basically allows its users to text the titular two-word character to their contacts, has been hacked by three students from Georgia Tech.

You might be wondering why a group of hackers would bother messing with an app that requires no personal information – no e-mail address, Facebook account info, or even full name – from its users. To expose a security vulnerability? For the sheer sport of it?

Turns out, there is personal information to be stolen from Yo’s users. If a user opted in to the “Find Friends” feature, that left the user’s phone number vulnerable. The Georgia Tech hackers posted these phone numbers and the user names they’re associated with at the Yo Hack website.

Yo’s Surprising Reaction

In the aftermath of these sorts of hacks, there’s a fairly common routine. The hacked company apologizes, vows to fix the issue and improve their security in a more general way. Months later, someone checks on the supposed improvements and discovers the company is still vulnerable.

Yo’s founder and developer, Or Arbel, is mostly following the script, offering an apology that hits the right notes of humility…

Yo started as a weekend project and exploded a little too soon…We were just finishing up rewriting the infrastructure in a proper and secure way, as suitable for production grade apps, when it suddenly blew up and went viral.


Yo is a simple app – your privacy isn’t. We take your privacy very seriously, we apologize from the bottom of our hearts.

…and an eagerness to learn. In fact, the title of this apology letter is “We were lucky enough to get hacked”.

And if we’re more inclined to take this apology more seriously than usual, it’s probably because Arbel got in touch with the hackers, and hired one of them. While this gesture may open them up to a whole slew of hackers who attack the company in the hopes of getting employed, it strikes us as a sincere gesture nonetheless.

In the meantime, we advise against offering up new and untested apps too much of your personal information. This was a mild hack, but the next one could be far worse.

Want more news and information about hacks and security vulnerabilities? Follow us on Twitter and like us on Facebook.

Leave a Reply

Your email address will not be published. Required fields are marked *