Geolocation data compromised by poorly secured application

The Family Locator family app, which tracks family members by geolocation, has left the personal and geographic data of more than 238,000 of its users in plain view by storing them on a non-password protected server.

Used by parents to monitor their children, Family Locator is an Australian app that allows you to track a loved one or to be alerted if they enter or leave a designated place, such as a school.

Data poorly protected

Sanyam Jain, a cybersecurity researcher, discovered that the Family Locator server was not protected by any password and that the data contained on this server was not encrypted.

The data in question includes, but is not limited to, users’ names, e-mail addresses, profile pictures and passwords, as well as their precise geographic location and the location of identified places, such as the workplace or school.

The safety of children potentially at risk

An ill-intentioned person would have been able to report to a school and use the personal information of the parents to convince the staff to let her pick up a child to remove it.

The TechCrunch Technology Information Site confirmed Sanyam Jain’s discovery and, for a week, repeatedly tried to contact React Apps, the developer of the app. In the absence of a response, TechCrunch contacted Microsoft Azure on Friday, which hosted the Family Locator database. The database is now offline.

About the Author: Jose Brewer

Leave a Reply

Your email address will not be published. Required fields are marked *

How to whitelist website on AdBlocker?

How to whitelist website on AdBlocker?

  1. 1 Click on the AdBlock Plus icon on the top right corner of your browser
  2. 2 Click on "Enabled on this site" from the AdBlock Plus option
  3. 3 Refresh the page and start browsing the site