February 11, 2026 — Three popular AI-powered animal identification apps have exposed the precise GPS locations of over 150,000 users, creating serious safety risks including potential stalking and doxxing.

The Apps

The affected applications, all developed by MobilMinds/OZI Technologies:

• Dog Breed Identifier Photo Cam
• Spider Identifier App by Photo
• Insect Identifier by Photo Cam

Combined, these apps amassed over 2 million downloads on the Google Play Store.

What Was Exposed

Security researchers discovered the apps’ Firebase databases were completely open to the public internet — no authentication required. Anyone could view and even modify user data.

Leaked data included:

• Email addresses and usernames
• Profile photos
• Precise GPS coordinates — likely harvested from photo metadata and app permissions

This location data could enable stalking, doxxing, or targeted social engineering attacks by linking users’ identities to their physical addresses.

Already Compromised

The investigation found “poc” (Proof of Concept) entries in each exposed database — markers typically left by automated scanning bots. This suggests cybercriminals discovered and potentially accessed the data before security researchers did.

The Bigger Problem

This isn’t an isolated incident. The same research found that 72% of Android AI apps contain “hardcoded secrets” — API keys and cloud credentials embedded directly in the code. These act as master keys for hackers.

The developers were notified multiple times but did not respond.

Source: Cybernews, Tech Digest (February 11, 2026)