FitMetrix user data exposed via passwordless ElasticSearch server cluster

More from: | ZDNET |

Data for an unknown number of FitMetrix users was left exposed on the Internet via a cluster of ElasticSearch servers, a security researcher has discovered.

More security news

The servers, which were not secured with an access password, allowed anyone knowing their IP address to access a trove of information, some of which contained the personal data of FitMetrix users.

According to its website, FitMetrix is a company that provides heart rate monitoring software for gyms, studios, corporate wellness programs, and healthcare professionals. The company was founded in 2013 and acquired earlier this year by Mindbody, Inc., another company that provides a large catalog of cloud-based business management software for the wellness services industry.

The exposed FitMetrix server


Read full article »

About | ZDNET |

ZDNet brings together the reach of global and the depth of local, delivering 24/7 news coverage and analysis on the trends, technologies and opportunities that matter to IT professionals and decision makers.

Whatever your role in the IT buying cycle, ZDNet provides support -- from investigating options to optimizing a solution. Whether you want to follow hot topics or emerging trends, or keep up to date with the latest news and events, ZDNet is the destination for professionals seeking to research technology-related issues, and solve business technology problems.

»Twitter: @zdnet »Facebook: @ZDNet