Categories
News

Rallyhood exposed a decade of users’ private data

Rallyhood says it’s “private and secure.” But for some time, it wasn’t.

The social network designed to help groups communicate and coordinate left one of its cloud storage buckets containing user data open and exposed. The bucket, hosted on Amazon Web Services (AWS), was not protected with a password, allowing anyone who knew the easily-guessable web address access to a decade’s worth of user files.

Rallyhood boasts users from Girl Scout and Boy Scout troops, and Komen, Habitat for Humanities, and YMCA factions. The company also hosts thousands of smaller groups, like local bands, sports teams, art clubs, and organizing committees. Many flocked to the site after Rallyhood said it would help migrate users from Yahoo Groups, after Verizon (which also owns TechCrunch) said it would shut down the discussion forum site last year.

The bucket contained group data as far back to 2011 up to and including last month. In total, the bucket contained 4.1 terabytes of uploaded files, representing millions of users’ files.

Some of the files we reviewed contained sensitive data, like shared password lists and contracts or other permission slips and agreements. The documents also included non-disclosure agreements and other files that were not intended to be public.

Where we could identify contact information of users whose information was exposed, TechCrunch reached out to verify the authenticity of the data.

A security researcher who goes by the handle Timeless found the exposed bucket and informed TechCrunch, so that the bucket and its files could be secured.

When reached, Rallyhood chief technology officer Chris Alderson initially claimed that the bucket was for “testing” and that all user data was stored “in a highly secured bucket,” but later admitted that during a migration project, “there was a brief period when permissions were mistakenly left open.”

It’s not known if Rallyhood plans to warn its users and customers of the security lapse. At the time of writing, Rallyhood has made no statement on its website or any of its social media profiles of the incident.

Stop saying, ‘We take your privacy and security seriously’


Read more: feedproxy.google.com

Categories
News

MediaLab acquires messaging app Kik, expanding its app portfolio

Popular messaging app Kik is, indeed, “here to stay” following an acquisition by the Los Angeles-based multimedia holding company, MediaLab.

It echoes the same message from Kik’s chief executive Tim Livingston last week when he rebuffed earlier reports that the company would shut down amid an ongoing battle with the U.S. Securities and Exchange Commission. Livingston had tweeted that Kik had signed a letter-of-intent with a “great company,” but that it was “not a done deal.”

Now we know the the company: MediaLab. In a post on Kik’s blog on Friday the MediaLab said that it has “finalized an agreement” to acquire Kik Messenger.

Kik is one of those amazing places that brings us back to those early aspirations,” the blog post read. “Whether it be a passion for an obscure manga or your favorite football team, Kik has shown an incredible ability to provide a platform for new friendships to be forged through your mobile phone.”

MediaLab is a holding company that owns several other mobile properties, including anonymous social network Whisper and mixtape app DatPiff. In acquiring Kik, the holding company is expanding its mobile app portfolio.

MediaLab said it has “some ideas” for developing Kik going forwards, including making the app faster and reducing the amount of unwanted messages and spam bots. The company said it will introduce ads “over the coming weeks” in order to “cover our expenses” of running the platform.

Buying the Kik messaging platform adds another social media weapon to the arsenal for MediaLab and its chief executive, Michael Heyward .

Heyward was an early star of the budding Los Angeles startup community with the launch of the anonymous messaging service, Whisper nearly 8 years ago. At the time, the company was one of a clutch of anonymous apps — including Secret and YikYak — that raised tens of millions of dollars to offer online iterations of the confessional journal, the burn book, and the bathroom wall (respectively).

In 2017, TechCrunch reported that Whisper underwent significant layoffs to stave off collapse and put the company on a path to profitability.

At the time Whisper had roughly 20 million monthly active users across its app and website, which the company was looking to monetize through programmatic advertising, rather than brand-sponsored campaigns that had provided some of the company’s revenue in the past. Through widgets, the company had an additional 10 million viewers of its content per-month using various widgets and a reach of around 250 million through Facebook and other social networks on which it published posts.

People familiar with the company said at the time that it was seeing gross revenues of roughly $1 million and was going to hit $12.5 million in revenue for that calendar year. By 2018 that revenue was expected to top $30 million, according to sources at the time.

Anonymous app Whisper lays off 20% of staff to survive

The flagship Whisper app let people post short bits of anonymous text and images that other folks could like or comment about. Heyward intended it to be a way for people to share more personal and intimate details —  to be a social network for confessions and support rather than harassment.

The idea caught on with investors and Whisper managed to raise $61 million from investors including Sequoia, Lightspeed Venture Partners, and Shasta Ventures . Whisper’s last round was a $36 million Series C back in 2014.

Fast forward to 2018 when Secret had been shut down for three years while YikYak also went bust — selling off its engineering team to Square for around $1 million. Whisper, meanwhile, seemingly set up MediaLab as a holding company for its app and additional assets that Heyward would look to roll up. The company filed registration documents in California in June 2018.

According to the filings, Susan Stone, a partner with the investment firm Sierra Wasatch Capital, is listed as a director for the company.

Heyward did not respond to a request for comment.

Zack Whittaker contributed reporting for this article. 


Read more: feedproxy.google.com

Categories
News

Kindbody raises $15M, will open a ‘Fertility Bus’ with mobile testing & assessments

Kindbody, a startup that lures millennial women into its pop-up fertility clinics with feminist messaging and attractive branding, has raised a $15 million Series A in a round co-led by RRE Ventures and Perceptive Advisors.

The New York-based company was founded last year by Gina Bartasi, a fertility industry vet who previously launched Progyny, a fertility benefit solution for employers, and FertilityAuthority.com, an information platform and social network for people struggling with fertility.

“We want to increase accessibility,” Bartasi told TechCrunch. “For too long, IVF and fertility treatments were for the 1 percent. We want to make fertility treatment affordable and accessible and available to all regardless of ethnicity and social economic status.”

Kindbody operates a fleet of vans — mobile clinics, rather — where women receive a free blood test for the anti-Müllerian hormone (AMH), which helps assess their ovarian egg reserve but cannot conclusively determine a woman’s fertility. Depending on the results of the test, Kindbody advises women to visit its brick-and-mortar clinic in Manhattan, where they can receive a full fertility assessment for $250. Ultimately, the mobile clinics serve as a marketing strategy for Kindbody’s core service: egg freezing.

Kindbody charges patients $6,000 per egg-freezing cycle, a price that doesn’t include the cost of necessary medications but is still significantly less than market averages.

Bartasi said the mobile clinics have been “wildly popular,” attracting hoards of women to its brick-and-mortar clinic. As a result, Kindbody plans to launch a “fertility bus” this spring, where the company will conduct full fertility assessments, including the test for AMH, a pelvic ultrasound and a full consultation with a fertility specialist.

In other words, Kindbody will offer all components of the egg-freezing process on a bus aside from the actual retrieval, which occurs in Kindbody’s lab. The bus will travel around New York City before heading west to San Francisco, where it plans to park on the campuses of large employers, catering to tech employees curious about their fertility.

“Our mission at Kindbody is to bring care directly to the patient instead of asking the patient to come to visit us and inconvenience them,” Bartasi said.

A sneak peek of Kindbody’s “fertility bus,” which is still in the works

Kindbody, which has raised $22 million to date from Green D Ventures, Trailmix Ventures, Winklevoss Capital, Chelsea Clinton, Clover Health co-founder Vivek Garipalli and others, also provides women support getting pregnant with in vitro fertilisation (IVF) and intrauterine insemination (IUI). 

With the latest investment, Kindbody will open a second brick-and-mortar clinic in Manhattan and its first permanent clinic in San Francisco. Additionally, Bartasi says they are in the process of closing an acquisition in Los Angeles that will result in Kindbody’s first permanent clinic in the city. Soon, the company will expand to include mental health, nutrition and gynecological services.

In an interview with The Verge last year, Bartasi said she’s taken inspiration from SoulCycle and DryBar, companies whose millennial-focused branding strategies and prolific social media presences have helped them accumulate customers. Kindbody, in that vein, notifies its followers of new pop-up clinics through its Instagram page.

In the article, The Verge called Kindbody “the SoulCycle of fertility” and questioned its branding strategy and its claim that egg freezing “freezes time.” After all, there is limited research confirming the efficacy of egg freezing.

“The technology that allows for egg-freezing has only been widely used in the last five to six years,” Bartasi explained. “The majority of women who froze their eggs haven’t used them yet. It’s not like you freeze your eggs in February and meet Mr. Right in June.”

Though Kindbody touts a mission of providing fertility treatments to the 99 percent, there’s no getting around the sky-high costs of the services, and one might argue that companies like Kindbody are capitalizing off women’s fear of infertility. Providing free AMH tests, which often falsely lead women to believe they aren’t as fertile as they’d hoped, might encourage more women to seek a full-fertility assessment and ultimately, to pay $6,000 to freeze their eggs, when in reality they are just as fertile as the average woman and not the ideal candidate for the difficult and uncomfortable process.

Bartasi said Kindbody makes all the options clear to its patients. She added that when she does hear accusations that services like Kindbody capitalize on fear of infertility, they tend to come from legacy programs and male fertility doctors: “They are a little rattled by some of the new entrants that look like the patients,” she said. “We are women designing for women. For far too long women’s health has been solved for by men.”

Kindbody’s pricing scheme may itself instill fear in incumbent fertility clinics. The startup’s egg-freezing services are much cheaper than market averages; its IVF services, however, are not. Not including the costs of medications necessary to successfully harvest eggs from the ovaries, the average cost of an egg-freezing procedure costs approximately $10,000, compared to Kindbody’s $6,000. Its IVF services are on par with other options in the market, costing $10,000 to $12,000 — not including medications — for one cycle of IVF.

Kindbody is able to charge less for egg freezing because they’ve cut out operational inefficiencies, i.e. they are a tech-enabled platform while many fertility clinics around the U.S. are still handing out hoards of paperwork and using fax machines. Bartasi admits, however, that this means Kindbody is making less money per patient than some of these legacy clinics.

“What is a reasonable profit margin for fertility doctors today?” Bartasi said. “Historically, margins have been very, very high, driven by a high retail price. But are these really high retail prices sustainable long term? If you’re charging 22,000 for IVF, how long is that sustainable? Our profit margins are healthy.”

Bartasi isn’t the only entrepreneur to catch on to the opportunity here, as I’ve noted. A whole bunch of women’s health startups have launched and secured funding recently.

Tia, for example, opened a clinic and launched an app that provides health advice and period tracking for women. Extend Fertility, which like Kindbody, helps women preserve their fertility through egg freezing, banked a $15 million round. And a startup called NextGen Jane, which is trying to detect endometriosis with “smart tampons,” announced a $9 million Series A a few weeks ago.

It’s a new era for fertility tech


Read more: feedproxy.google.com