Apps related to the upcoming Fifa World Cup are “highly intrusive” mobile security company Pradeo found, with the popular Eurosport app particularly vulnerable.

Researchers found the Android app, which had been downloaded more than 10 million times, sends user’s geolocation to 18 remote servers, collects data through eight advertising libraries and contains 63 vulnerabilities.

These vulnerabilities mean the app exposes the data it handles to potential leaks along with man-in-the-middle and denial-of-service cyber attacks.

In a blog post, the company noted information related to the collection of data is mentioned in Eurosport’s privacy policy but never “proactively displayed to the user”.

It added while data protection regulations are being strengthened, software solutions which help users regain control over their data are also needed.