Unsecured MongoDB database exposes real-time locations of families.
On March 25, 2019, Family Locator, an app that reports the whereabouts of family and friends, reported that it had been exposing the real-time locations of 238,000 users for weeks due to an unprotected server. The exposed data also included usernames, email addresses, profile photos, and plaintext passwords. None of the data was encrypted.
What happened.
Family Locator allows users to track family members and set up geofencing features, which can notify users when a family member leaves work or arrives at school. Exposing such information means that anybody could find out where users and their family members were at any point in time.
The unsecured database was discovered by Sanyam Jain, a security researcher and member of the GDI Foundation. After the leak was identified on March 22, 2019, Microsoft took the database offline, as it was hosted on its Azure cloud.
Another recently discovered data leak showed that 18 unprotected MongoDB servers contained publicly available data of a Chinese surveillance program. And a month before that, researcher Bob Diachenko discovered an unprotected database with 809 million email records containing personally identifiable information (PII).
If you want to avoid such disasters and stay out of the news for the wrong reasons, download ManageEngine Log360 to combat internal and external security attacks.
Here's how ManageEngine can help.
Log360, our comprehensive security information and event management (SIEM) solution, can help your organization:
- Identify cross-site scripting (XSS) attacks, malicious file installations, DoS attacks, SQL injection, and more with its real-time correlation capability.
- Alert security teams in real time about events that require their immediate attention, such as account lockouts, security group membership changes, unauthorized access attempts to files or folders, and network attacks.
- Detect unauthorized network access attempts with its built-in Structured Threat Information eXpression (STIX/TAXII) feeds processor. Log360 also has a global IP threat database that can instantly detect known malicious traffic passing through the network as well as outbound connections to malicious domains and callback servers. The global IP threat database contains more than 600 million blacklisted IP addresses that are collected from trusted open sources and updated daily.
- Find potential insider threats with the user and entity behavior analytics engine, which creates a baseline of normal activities that are specific to each user and notifies security personnel instantly when there's a deviation from this norm. Rather than using static threshold values, this tool employs a combination of data analytics and machine learning to define dynamic thresholds based on real-world user behavior.
- Obtain important forensic information about incidents. The collected logs can be securely archived to help prove adherence to compliance standards and reduce potential legal penalties during investigations.
- Automatically raise incidents as tickets to the designated administrator in ServiceDesk Plus, JIRA, Zendesk, Kayako, or ServiceNow to create an incident resolution process that's swift and accountable.
Download a free trial of Log360 to see the tool in action for yourself.