Gamers who downloaded the Pokémon Go game were given a scare on Monday after it was pointed out that the app apparently had been granted “full access” to users’ Google accounts. Pokémon players logging into the iOS app with Google accounts granted the app certain access permissions by default. Unlike other apps, the game did not display what permissions would be granted. Niantic, Inc., the makers of Pokémon Go, issued a statement saying that it erroneously requested such permission from some iOS users, but Pokémon Go “only accesses basic Google profile information (specifically, your User ID and email address).” Niantic, Inc. indicated that it was swiftly taking steps to ensure that the app can only access basic profile information from your Google account. Now, a new update is available for iOS users that fixes the account settings altogether. Please note, the permissions issue only relates to the iOS (Apple) version of the game and is not the case with the Android download.
If you downloaded the Pokémon Go app on your Apple device and are concerned about the privacy of your Google account, please ensure that your app has been updated and check your account security on Google to see which apps are accessing your information and change permissions if needed. Further, this is a good reminder to check the requested permissions when downloading any app, rather than just hitting “Install.”
Check out our series, Privacy Perils, to learn what steps you can take to guard your personal and company data. For more information about this topic and other cyber security concerns, please contact a member of our Privacy & Data Security team.