Slashdot Mirror

← Back to Stories (view on slashdot.org)

Database Error Exposes Sensitive Information On 1,700 Kids (csoonline.com)

Posted by timothy on from the u-really-know-kids dept.

itwbennett writes: Researcher Chris Vickery discovered that the Arlington, Virginia based child monitoring service uKnowKids.com had a misconfigured MongoDB installation that left sensitive details on over 1,700 children exposed for months. UKnowKids helps parents monitor their child's activities online, by watching their mobile communications, social media activities, and their location. And so the database stored 6.8 million private text messages, 1.8 million images (many depicting children), Facebook, Twitter, and Instagram account details, in addition to the children's full names, email addresses, GPS coordinates, date of birth.

4 of 62 comments (clear)

  1. Stupidity... by Longjmp · · Score: 3, Insightful

    Summary:
    Stupidity of helicopter parents backfires.

    --
    There are fewer illiterates than people who can't read.
  2. 1000's die daily from 100% preventable starvation by Anonymous Coward · · Score: 1, Insightful

    mostly kids... they could use some press?

  3. Re:Is all this exposure to the internet worthwhile by Dr_Barnowl · · Score: 3, Insightful

    Well, clearly the only way you can gather this much information is to install a monitor daemon on all their client appliances.

    Rather than having it talk to a single central server as it did in this case, why not run that server on a PC in the household and have it sync to that when it's on domestic wifi?

    Oh, right : because it wouldn't enable the corporation to collect a huge corpus of highly monetizable data about children for later analysis.

  4. Re:Is all this exposure to the internet worthwhile by Bengie · · Score: 3, Insightful

    Seems they misconfigured their Mongo DB, MongoDB server's firewall, inter-vlan firewall, and edge firewall. When the entire system is misconfigured, you use the word "inept".