Personal data belonging to tens of thousands of users of genealogy software has been exposed online, leaving them vulnerable to possible scams.
On Monday, July 20, researchers from WizCase revealed they found a data leak affecting an unencrypted ElasticSearch server. According to the team, the unprotected server belonged to Software MacKiev, a developer of premium quality software, and the company behind the Family Tree Maker app.
“Family Tree Maker (frequently referred to as FTM) appears to be the key stakeholder in the leaking database. The genealogy software was initially released in 1989, but it has since been passed from its original developer to Broderbund, The Learning Company, Mattel, and Ancestry.com, before reaching its current owner, Software MacKiev,” the researchers wrote.
According to them, Software MacKiev syncs user data of the genealogy platform Ancestry.com.
“As the leak showed some logs from Ancestry.com, our research proved that there’s a clear link between the two companies. MacKiev was the company who had been responsible for developing the MacOS version of Family Tree Maker since around 2010, and acquired the Windows version of the software from Ancestry in 2016. Family Tree Maker features an Ancestry-inspired design and the ability to sync family trees with accounts and information from the Ancestry website,” they added.
In total, the exposed server contained about 25GB of Ancestry user data and MacKiev Software user subscription data. Approximately 60,000 users are affected, with most identified as US residents.
The details exposed in the leak include users' email addresses, their subscription type and status, their location data (including geolocation coordinates and cities), IP addresses, comments and complaints, technical details, and more.
WizCase warned that the exposure of users’ sensitive data “could have given cybercriminals and scammers access to user personal information, putting many people in great risk of having their credentials used against them.”
The possible risks listed by the researchers include spam and phishing attacks, fraud attempts, technical vulnerabilities impacting Software MacKiev and its associated companies, and business espionage (due to the leaked comments and complaints from customers).
To help affected users, WizCase provided a few security tips, including being careful about the details they share online, refusing to open any attachments sent by suspicious accounts, masking their devices' IP addresses by connecting to a VPN, and finally, getting antivirus software.
According to the researchers, they notified Software MacKiev about the leak immediately, and while they did not receive any response, the database in question was closed shortly after.