Whisper App Data Leak Exposes 9 Billion Secret Confessions: What to Do

Around 2014, there was a smartphone app called Whisper. It banned real names, of course.

Whisper still exists, but judging from the comments on its Google Play listing page, it is "completely overrun by soliciting literal prostitutes, thirsty men, and fake spam accounts."

Whisper is back in the news because an unprotected database containing 900 million Whisper posts and all the metadata associated with those posts was recently discovered online.

Although real names were not included, the data included "users' age, ethnicity, gender, hometown, nickname, and group participation," according to the Washington Post, which broke the news yesterday (March 10).

Many of those groups were, or had been, "devoted to sexual confessions and discussions about sexual orientation and desire," the Post noted.

If you have Whisper installed on your iPhone or Android phone, it may be best to remove it. The app collects "precise location information (GPS and network-based)" and tells Whisper (and the mobile ad network it operates) exactly where you are, according to the device permissions listed on its Google Play store page.

You can still lurk on Whisper by going to the Whisper website, which makes me chuckle. It's like the equivalent of a full page of silly ads that pop up at the bottom of news sites, with topics like "Woman Confesses: I'm Dating a Trust Fund Baby" and "18 People Who Shockingly Lied Under Oath."

Whisper is owned by Medialab, a holding company that also owns the teen chat app Kik and the hip-hop website and social app DatPiff; we have reached out to Medialab for comment and will update this article when we hear back.

The unprotected database was discovered by Dan Ehrlich and Matthew Porter, researchers at security firm Twelve Security. The exposed Whisper data dates back to 2012, when Whisper was launched.

In two blog posts today (March 11), Ehrlich accused Whisper staff of "spying for the Chinese Ministry of State Security" and suggested that much of the data collected by Whisper is used to blackmail members of the US military.

While there is no way to assess the validity of these accusations, Ehrlich noted that in 2014 The Guardian showed that Whisper was able to tell from GPS coordinates which posts were from military bases, the Pentagon, and the White House.

Gathering precise location data is not something one wants in an app dedicated to eliciting secret confessions from its users; Ehrlich noted that many posts can be traced back to a specific school or office.

Now, the silver lining. Most of the metadata in the public database is available on the Whisper app. That is the purpose of the app. The database simply collates everything into an easily searchable format.

"A search for a user who listed his age as 15 returned 1.3 million results," the Post notes harshly, which is not surprising since the app was particularly popular among teens in its heyday. The database contains no real names or birthdates. The "nicknames" are either user-generated usernames or randomly assigned by the Whisper app so that users can post. Similarly, most of the background images for posts are provided by Whisper's own image library.

The only real risk of being identified by your Whisper postings has to do with your exact location.

Another advantage is that there is no indication that this database was discovered or misused by anyone before Porter and Ehrlich discovered it. The database was removed on Monday (March 9) after The Washington Post contacted Whisper, but Ehrlich and Porter stated that they had removed it earlier.
