A database with years of records was reportedly left open to the public web.
Whisper, a popular social app that lets people anonymously post confessions and secrets, reportedly left a database exposed that tied messages to a user's age, location and other details. Records for millions of messages were viewable to anyone on a database that was open to the public internet, according to a report Tuesday from The Washington Post.
The database didn't contain real names but tied anonymous whispers to "a user's stated age, ethnicity, gender, hometown, nickname and any membership in groups, many of which are devoted to sexual confessions and discussion of sexual orientation and desires," according to the Post. The data also reportedly included location coordinates for a person's most recent whisper.
Access to the database, which was discovered by independent researchers, was removed after the app was alerted to the data exposure on Monday, according to the Post. The researchers also reportedly alerted federal law enforcement officials.
Whisper didn't immediately respond to a request for comment. A company official told the Washington Post that much of the data was meant to be public from within the app, but the database was "not designed to be queried directly."
Read More: Equifax, MGM Resorts and beyond: Every major security breach and data hack