.png "back to home page")
What I want to know is how did this company get 238K users oh and who runs their database server that is accessible on public networks ? https://t.co/DS1sWZpM9b
— Chirayu Patel (@chirayunix) March 23, 2019
I asked Microsoft, which hosted the developer's leaking database, for help. Finally, the server was secured last night. https://t.co/miTN9TBAPK
— Zack Whittaker (@zackwhittaker) March 23, 2019
New: A popular family tracking app exposed the real-time location data of more than 238,000 users around the world — including children.https://t.co/miTN9TBAPK
— Zack Whittaker (@zackwhittaker) March 23, 2019
A family tracking app was leaking real-time location data.. sigh.. will this ever end!? https://t.co/CGOaw756kY
— Dez Blanchfield (@dez_blanchfield) March 24, 2019
New: a consumer spyware company left thousands of pictures and audio recordings of targets in a database exposed on the web.
— Lorenzo Franceschi-Bicchierai (@lorenzofb) March 22, 2019
We can't say which company in particular because despite weeks of efforts to reach them, they haven't taken the content down. https://t.co/YLOjn6Ge7C
It’s like shooting the moon in Hearts. A company’s ongoing security practices so awful, the breach so large and the sensitivity of the material so personal, that the journalists alerted to it realize it’s irresponsible to name and shame. https://t.co/G6IogZIQCF
— Jonathan Zittrain (@zittrain) March 24, 2019
"People should not be using these tools in the first place....But the fact that these companies aren’t very good at securing their own data is just the cherry on the bad idea sundae.” https://t.co/NvVIoZaKcO
— EFF (@EFF) March 24, 2019
“People should not be using these [stalking] tools in the first place, but the fact that these companies aren’t very good at securing their own data is just the cherry on the bad idea sundae.” @evacide https://t.co/ru3bis4ecq via @motherboard
— Stephen Cobb (@zcobb) March 22, 2019
This was a reporting nightmare *perfectly* navigated by @lorenzofb. https://t.co/yoQXP1v1W9
— Zack Whittaker (@zackwhittaker) March 22, 2019
New: there's an app exposing photos, audio recordings likely from children. But it's so bad, and crucially not fixed it despite weeks of outreach, that we can't responsibly name it. Instead, its an example of the difficulties of some infosec cases https://t.co/d9uFwmTpIN
— Joseph Cox (@josephfcox) March 22, 2019
A consumer spyware vendor left a lot of incredibly sensitive and private data for all to see on a server freely accessible over the internet.
— VICE (@VICE) March 23, 2019
And it still hasn’t taken the data down. https://t.co/mQODDLY5gQ
Stalkerware company leaves 20+gigs of blackmail material sitting around on the Internet for free, refuses to fix it.
— Paul Gowder ??????????????? (@PaulGowder) March 24, 2019
Wait, you mean companies in the business of particularly malicious crimes give no fucks about their victims? Dude. https://t.co/o8GEIcxHRg
Family Locator, a family tracking app was leaking real-time location data https://t.co/VmXrqpPfAo via @techcrunch #databreach #privacy
— Florence Bonnet (@FlorenceBonnet) March 24, 2019
New: A popular family tracking app exposed the real-time location data of more than 238,000 users around the world — including children.https://t.co/miTN9TBAPK
— Zack Whittaker (@zackwhittaker) March 23, 2019
A family “safety” app (aka spyware/stalkerware) exposing data on hundreds of thousands of people, and not encrypting the database. https://t.co/KX0exRkhoh cc @PogoWasRight
— Bill Fitzgerald (@funnymonkey) March 24, 2019
#ITSecurity #ITSec A family tracking app was leaking real-time location data – TechCrunch https://t.co/4b2GhvVwUY, see more https://t.co/yJWFBjnLur
— Arcanist (@ArcanistMX) March 24, 2019
These open MongoDB instances seem to be common. Not a MongoDB fault at all. Too easy to use and developers don’t configure stuff like a sysadmin would. Documentation has excellent security checklist.
— Colin Charles (@bytebot) March 24, 2019
Maybe time for a mysql_secure_installation equivalent? https://t.co/wafWATtCYE
"Any user who had a geofence set up also had those coordinates stored in the database, along with what the user called them — such as 'home' or 'work.' None of the #data was encrypted": https://t.co/rzyjcC2zNk #ethics #privacy #internet #tech #app #parenting
— Internet Ethics (@IEthics) March 23, 2019
The family app Family Locator, built by Australia-based React Apps, left open to access real-time locations, personal details, and passwords of 238,000 users. Including children ?
— Aliaume Leroy (@Yaolri) March 24, 2019
Great investigation by @zackwhittakerhttps://t.co/e6LNC3LCNL
I asked Microsoft, which hosted the developer's leaking database, for help. Finally, the server was secured last night. https://t.co/miTN9TBAPK
— Zack Whittaker (@zackwhittaker) March 23, 2019
A family tracking app was leaking real-time location data.. sigh.. will this ever end!? https://t.co/CGOaw756kY
— Dez Blanchfield (@dez_blanchfield) March 24, 2019
Family tracking app leaked real-time location data for weeks @engadget #security #privacy @jonfingas https://t.co/0rW16CUqYi
— Evan Kirstel (@evankirstel) March 24, 2019
Family tracking app leaked real-time location data for weeks https://t.co/ctmQOoXJbX #Infosec #Privacy pic.twitter.com/SewZz5fC7g
— #AI (@AI__TECH) March 24, 2019
가족을 감시하거나 행동을 제약하는 앱들은 쓰지 맙시다. 플랫폼이나 OS가 아니면서 이런 일을 하기 위해서는 일선을 넘어야 하는데, 보통 회사라면 이런 모양 빠지는 일 따위 안 하려 하니까 준비 안 된 이들이 어쭙잖게 만들거나 심한 경우 의도적으로 악용 여지가 있지요 https://t.co/mkrbr7u1E7
— Goodhyun 김국현 (@goodhyun) March 25, 2019
Another massive breach of sensitive personal data consisting of audio and images, this time from a spyware company who has not bothered safeguard its data. #Privacy #DataProtection #GDPR https://t.co/4OuziVWWKt
— Satish Babu (@satish_babu) March 25, 2019
This Spyware Data Leak Is So Bad We Can't Even Tell You About It https://t.co/wh0quPeL6a
— Tactical Tech (@Info_Activism) March 25, 2019
"This breach is just the latest in a seemingly endless series of exposures or leaks of incredibly sensitive data collected by companies that promise to provide services for parents to keep children safe, monitor employees, or spy on spouses. " https://t.co/75SX0sPsoj #privacy pic.twitter.com/leXvQ17pJG
— F-Secure FREEDOME VPN (@FreedomeVPN) March 25, 2019
This Spyware Data Leak Is So Bad We Can't Even Tell You About It. https://t.co/JlcyxRAjoF
— scripting.com (@davewiner) March 24, 2019
Motherboard This Spyware Data Leak Is So Bad We Can't Even Tell You About It: A consumer spyware vendor left a lot of incredibly sensitive and private data, including intimate pictures and… https://t.co/W9YK3qAiyl #News #Hacking #cybersecurity #hackers #spyware Via @motherboard pic.twitter.com/SOSyuLJahc
— Bradley Jon Eaglefeather (@bjeaglefeather) March 25, 2019
A family tracking app was leaking real-time location data https://t.co/eHO6JPob86 via @techcrunch @zackwhittaker
— Khaled خالد (@KhaledAlwaleed) March 24, 2019
A family tracking app was leaking real-time location data https://t.co/hAtpslqzw7 via @techcrunch
— Adam Levin (@Adam_K_Levin) March 24, 2019
This is not ok. Believing randomness of url addresses is sufficient protection of personal data - what I am guessing was assumed here - is clearly mistaken as this and other examples have shown. https://t.co/1Iz1P3MCqc
— Jack Springman (@jackspringman) March 25, 2019
Astounding lack of accountability >> A family tracking app was leaking real-time location data (via @TechCrunch) #infosec https://t.co/OFnu9wFc1Z
— David McClelland (@DavidMcClelland) March 25, 2019
A family tracking app was leaking real-time location data https://t.co/yREaO1OKVi #itsecurity
— Rajdeep Das (@itsrajdeepdas) March 24, 2019
Again.https://t.co/ZTkWnHEXtd
— Mario Guzman (@MarioGuzman) March 23, 2019
"On Friday, we asked Microsoft, which hosted the database on its Azure cloud, to contact the developer. Hours later, the database was finally pulled offline": https://t.co/rzyjcC2zNk #ethics #cybersec #privacy #tech #internet #app #business
— Internet Ethics (@IEthics) March 24, 2019
Family tracking app leaked real-time location data#mobile #security #AppSec #reactapps #Privacy #backdoor #childtracking #databreach #location #MongoDB #vulnerability #Phone #tracking #dataprivacy #DataProtection #cybercrime #cybersecurity #technews https://t.co/8hn5l8PWgr
— M2S sec (@traffic_mamu) March 25, 2019