News and Updates on Information Technology

United States – Family Tree Maker

Exploit: Unauthorized Database Access
Family Tree Maker: Genealogy Software

Risk to Small Business: 2.137 = Severe

An unsecured Elasticsearch server is to blame for Family Tree Maker’s leak of more than 25GB of user data. User information that was leaked includes email addresses, geolocation data, IP addresses, system user IDs, support messages, and technical details. The leak apparently also included technical details about the system’s backend.

Individual Risk: 2.503 = Moderate

No personally identifiable or financial data was reported as compromised in this breach, but users should be aware of spear phishing attempts using this compromised data.

Customers Impacted: 60,000

How it Could Affect Your Customers’ Business: An unsecured database is an unnecessary foul. Overlooking basic security measures like this is an indicator that cybersecurity best practice isn’t being enforced actively and corners are being cut by careless staffers without repercussions.