Database Family Locator app with real-time location data




was unsecured online

‘Family Tracker App’ Family Locator database with more than 238,000 users in it was unencrypted and unsecured online. Those who knew where to look could look up personal data, passwords, profile photos and real-time location data.

The MongoDB database contained names, e-mail addresses, profile photos , plaintext passwords, precise real-time location data and geofences such as ‘school’ and ‘home’ including coordinates. According to security researcher Sanyam Jain, who went to TechCrunch with the problem, the iOS app database was exposed for “weeks.”

TechCrunch verified the database by creating its own dummy account, which promptly appeared between the data of all other users. In addition, the site contacted a user in Florida who confirmed that the data in the database belonged to him and his child.

TechCrunch just couldn’t get in touch with the creator of the app, the Australian React Apps . The possibilities to contact the developer are limited and React Apps does not respond. TechCrunch eventually contacted Microsoft, which hosts the database on its Azure service. A few hours later the entire database went offline.


In: A Technology & Gadgets Asked By: [23633 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »