Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Techcrunch learned that Angelsense, an auxiliary technology company that provides site monitoring devices for persons with disabilities, leakage of identical personal information and the exact website data for its users to the open internet.
The company obtained the exposed server on Monday, more than a week after it was alerted to data leakage by Upguard security company.
Upguard shared exposure details exclusively with Techcrunch after the angels are resolved in the break. Upguard has Since the publication of a blog post On the accident.
Angelsense is based in New Jersey provides GPS tracking devices and site monitoring for thousands of customers To the list of mobile phone applicationsAnd it is described by law enforcement and police departments throughout the United States.
According to Upguard researchers, Angelsense has left an internet database vulnerable to the Internet without a password, allowing anyone to access the data inside it using a web browser only and know the IP address of the database. The database stores the actual time updates of angelsense, which included the personal information of AngelSense customers, as well as technical records about the company’s systems.
Upguard said it has found customers’ personal data, such as names, postal addresses and phone numbers at the open database. The researchers said they also found GPS coordinates for individuals monitored – including the associated health information about the person who followed, which included conditions such as autism and dementia. The researchers also found e -mail addresses, passwords and authentication symbols to access customer accounts, as well as partial credit card information – all visible in the normal text.
It is not known exactly the time it was exposed to the database and the number of customers who have been affected. According to the list of database on Shodan, a search engine for devices and systems facing the Internet, the open registration database of ASSELSENSE was monitored for the first time on January 14, although it may have been revealed earlier.
Doron Somer, CEO of Angelsense, Techcrunch confirmed that the company took the open server in the beginning of the beginning after specifying the first email for Upguard as undesirable messages.
“Only when I called us on telephone, the case was raised to our attention,” Somer said. “Upon discovering, we immediately acted to verify the validity of the information provided to us and to treat weakness.”
“We note that unlike Upguard, we do not have any information indicating that any data is likely to be accessed on the registration system. It might be abused or exposed to the threat of misuse, “claiming that the data” was not sensitive personal information. ”
Somer will not say whether the company has technical means to determine whether there is any access to the unprotected server before Upguard discovered.
When asked if the company planned to notify the affected customers and the individuals whose data were exposed, Sumer said that the company was still achieving.
“If there is a justification for a notice of the organizers or people, we will offered it, of course,” said Sumer.
Sumer did not respond to the follow -up inquiry by the journalism time.
The database is often due to poor formations caused by human error, not malicious intention, and has become an increasingly common event in recent years. Similar security rolls have led to open databases to Sensitive American military emails leakageReal -time leakage of text messages Contains dual -factor symbolsAnd Chat history from AI Chatbots.
