React Apps’ Family Locator mobile app leaked the location data of nearly one-quarter a million users for weeks, security research reveals…
Family tracking apps certainly have a meaningful place. These are generally ideal for keeping tabs on kids or synced-up with spouses. But, like any other technology, if it falls into the wrong hands, it can wreak havoc.
React Apps’ Family Locator Mobile Tracker Exposed Location Data of More than 238000 Users
Security researcher Sanyam Jain, also a member of the GDI Foundation, tells TechCrunch React Apps’ Family Locator left real-time location data open and vulnerable for weeks of more than 238,000 users.
It displayed people’s positions within mere feet and even revealed names for geofenced areas used to provide alerts. In other words, it was possible for hackers to tell if parents left children at home. Or, if a kid was on school grounds.
Exacerbating the situation is the fact React’s website contains no contact information and its WHOIS record masks its email address.
Furthermore, messages sent through the feedback form did not result in action. Ultimately, TechCrunch reached out to Microsoft to contact the developer.
The data is now safe but remained exposed for weeks. Yet again, this is another incident reminding everyone the threats posed from not protecting sensitive information.