The number of such apps is huge and most of them are downloaded more than 300 million times combined.
These include smartphone apps from Walmart, CNN, ESPN, and dozens of other organizations.
That failure lets attackers to go through the long lists of the most commonly used passwords.
Of these, the affected Android apps had been downloaded 300 million times.
This means that it only takes the attacker 1024-1048576 guesses to find the correct one.
This is a scary estimate.
source: www.techworm.net
