Skype Security Flaw Sends IMs To Random Contacts

Skype has admitted to TechWeekEurope the existence of a “rare” fault in its VoIP application that lets third parties view instant messages (IMs) between two contacts.

A number of Skype users reported the fault on the service’s support forums, voicing their concerns at what could be a serious breach of privacy.

They said that messages sent to one contact have been sent to another random contact on their contact list.

“Rare” Skype Security Flaw

“Messages sent by one contact (2 lines out of a hundred or so) were sent to another contact of mine. These 2 contacts are not connected on Skype,” said one user. “The 2 IMs appeared to be sent by me, so the other contact asked me if I sent them by mistake. That is the only reason I know it happened.”

“The exact same thing has happened to me, except that I was the recipient of two lines of chat which were exchanged between my contact and one of his contacts,” said another. “I am not connected to my friend’s contact.”

“This is very disturbing and a serious breach of privacy, please address the issue immediately,” they added. It has been suggested that the problem has resulted from a recent update. Microsoft-owned Skype says it has been alerted to the issue and it working on a fix.

“We are aware in rare circumstances IM’s between two contacts could be sent to an unintended third contact,” Skype told us. “We are rolling out a fix for this issue in the next few days and will notify our users to download an updated version of Skype.”

Skype has previously been viewed as a safe method of communication as data is stored on the client, rather than any of its servers, as it uses a peer-to-peer system. Researchers last year uncovered a vulnerability that could disclose the location, identity and content of downloads, while Microsoft’s plans to introduce adverts has also raised privacy concerns.

What do you know about Skype? Find out with our quiz!