Researchers from Cybernews have discovered a data leak affecting Lifeprint portable printer users. Incorrectly configured security on a storage system caused the data leak. This allowed any internet user to access over 1.5 million unique photos.
Lifeprint makes instant photo printers that enable users to print images directly from their phones. In addition to the photos, lists of usernames, email addresses and print stats for more than 100,000 users were accessible without any security.
The researchers found that the publicly accessible cloud storage used by Lifeprint contained files with the encryption key for the data saved as plain text. Using that key, an attacker could install customised firmware on devices, making them vulnerable to other attacks.
Lifeprint’s parent company, New Jersey based C+A Global, has not responded to requests for comment regarding the Lifeprint data leak. The leak was first detected in late July 2025 and ethically reported to security agencies.
The Lifeprint iOS app remains available on the App Store. The version history or description makes no mention of the data leak whether a software update has been issued to make the app less vulnerable.
Anthony is the founder of Australian Apple News. He is a long-time Apple user and former editor of Australian Macworld. He has contributed to many technology magazines and newspapers as well as appearing regularly on radio and occasionally on TV.