» Tip Us Hey you, we are hiring! Join us if you are an author, developer or designer!

Unprotected server of a family tracking app may have leaked real-time location data

27 March 2019 3

Another server which had long been kept unprotected came to notice recently and once again the damage would have been consequential or it’s already, who knows. Sanyam Jain, a security researcher and a member of the GDI Foundation reported the findings to Techcrunch to demonstrate how severe the situation could become if left unattended.

Jain found the database of a family tracking app called Family Locator built by Australia-based software company React Apps is unprotected and accessible by anyone who knew where to and how to look at. These family locating apps allow the family members or the parents to track their children like where they are or have they left any certain location such as school. But unfortunately, the details of just every location where your child might be was accessible.

The database that included real-time locations or the coordinates of someone using the app was open. Each account record contained in the database included name, email address, profile photo, and their plaintext passwords and this everything was just open.

TechCrunch verified the contents of the database by downloading the app and signing up using a dummy email address. Within seconds, our real-time location appeared as precise coordinates in the database.

Techcrunch tried contacting the developer but got no information and had to tell Microsoft to pull this database down which was uploaded on its Azure cloud. Hours later the database was pulled offline.

It’s unknown for how long the database was exposed for and if anyone beyond Jain or TechCrunch accessed the database.


3

comments

Unprotected server of a family tracking app may have leaked real-time location data
Write a comment...
DianaAngela

This is definitely definitely quite a serious issue. Because, it's helpful for parents to track their kids and their whereabouts. The child's safety entirely can be at risk.

Android

Amazon Luna game streaming service announced for $5.99 per month

Android

Twitter will soon start testing voice direct messages | Report

Android

Google 'Sabrina' could be 'Chromecast with Google TV' | UPD: packaging leak

Android

Samsung Galaxy S20 FE 5G launched with 120Hz display, triple cameras for $699