A Brazilian food delivery app might have exploited an Apple Maps bug.
Brazilian journalist Rodrigo Ghedin reports iFood, Brazil’s largest food delivery app, accessed the location of one of his readers. In a blog post, Ghedin writes the reader denied the app access to no avail.
According to 9to5Mac, Apple fixed the bug in iOS 16.3 and added a two-factor authentication sign-in on new devices as the “headline feature.” The security patch fix addresses an app’s ability to bypass privacy preferences.
Ghedin said the reader solved the issue after he reset his device. He downloaded iOS 16.3 once it became available and hasn’t noticed any issues since Ghedin wrote in the January 31st post.
The Apple Maps security fix through iOS 16.3 impacts iPhone 8 and later, all models of iPad Pro, iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later.
As 9to5Mac points out, the issue at hand is not proven, but ongoing questions ask how long the issue lasted and if other apps exploited information.