The popular third-party email client Edison Mail recently granted a small number of iOS users access to email addresses that didn’t belong to them. This wasn’t a hack or leak, but a bug—and a pretty freaking big one.
The error was caused by a recent update that Edison assures was only pushed to a “small percentage” of users. The update included a new account sync feature that, for whatever reason, synced random email accounts to unrelated data and allowed users full access to strangers’ inboxes, contacts and other information without, no sign-in needed. It just sorta…happened.
What Edison Mail users need to do now
Edison pulled its terribly bugged update and rolled Edison Mail back to the app’s previous version. If you’re still able to see other people’s emails in the iOS app—well, you shouldn’t, but check the App Store to make sure you have all the latest patches for the app.
The bug only affected iOS users, but we’re only talking about people who could see others’ emails. The exposed accounts could have come from any platform connected to any Edison Mail app, since Edison Mail is cross-platform and lets you connect multiple email accounts from Gmail, iCloud, Microsoft and other email services into a single inbox.
We are urgently working to resolve this technical problem in Edison Mail. Yesterday a software update rolled out to a small percent of our users. We have reverted that now and are reaching out to users who have been impacted as fast as we can.
— Edison (@Edison_apps) May 16, 2020
If you use Edison Mail in any capacity, or ever did, you should take a moment and change your passwords for all email accounts you’ve ever linked to Edison Mail, as well as any apps or services that use the email for logins.
Edison says the bug has been addressed, but many users have expressed disappointment and are opting to delete the Edison app due to the security concerns—which is entirely understandable. However, if you delete Edison, make sure you revoke the app’s access to your Gmail, iCloud and Microsoft accounts’ settings. And now that you’re shopping for a new email service or app, we’ve covered several solid options.
Look, we love third-party apps. They give users options beyond the standard mainstream services that dominate the market and they can even be better for your privacy in some cases. That said, this is a good reminder that third-party apps aren’t perfect either. Accidents happen, but this one is a pretty inexcusable one as far as privacy and security go.