A popular family tracking app was leaking the real-time locations of more than 238,000 users for weeks after the developer left a server exposed without a password. techcrunch.com Submitted by n_n on March 27, 2019 at 11:48 PM in Privacy 5 comments 10
Kymski wrote on March 28, 2019 at 2:19 AM Let us see: Unsecured MongoDB. okay. account database with Name, email, plaintext password and real time location? wtf no contact info on the company website. no contact info on the privacy policy (which looks like something brewed in Microsoft Frontpage) no contact on whois no contact in the companys buiness records they only managed to get the DB offline, because they asked the Hoster to contact the dev. Sorry, but that isn't just plain stupid or laziness. That's borderline negligently. Permalink 4 __m106__ wrote on March 28, 2019 at 8:56 AM Honestly sounds like a honeypot for getting credentials to be used somewhere else later on. Permalink Parent 1
__m106__ wrote on March 28, 2019 at 8:56 AM Honestly sounds like a honeypot for getting credentials to be used somewhere else later on. Permalink Parent 1
Kymski wrote
Let us see:
they only managed to get the DB offline, because they asked the Hoster to contact the dev.
Sorry, but that isn't just plain stupid or laziness. That's borderline negligently.