TeenSafe Monitoring App Leaks Apple IDs of Several Young Users

TeenSafe is a monitoring app onAndroidand iOS which allows parents to keep a track of their kids in order to keep them ‘safe’. Ironically, the app itself isn’t really safe to begin with. According to a recentreportfromZDNet, TeenSafe has been hosting users’ Apple IDs and passwords on open servers which are not even protected by a password.

The controversial app allows parents to monitor their child’s text messages, location, call logs, and web browsing history. It had two such unprotected servers which were hosted on Amazon’s cloud service, and first discovered by security researcher Robert Wiggins. Wiggins revealed that just one of the servers had 10,200 records on a database, containing primary emails used to sign up to TeenSafe along with the associated teen or child user’s Apple ID email address.(Image: ZDNet)

The unprotected servers also recorded the device names, its unique identifiers, and the plaintext password for the child’sApple ID. It’s worth noting that no content such as photos, messages, or location data was found on the servers.

TeenSafe has since closed one of the servers to the public after being alerted byZDNetand has announced that it has“begun alerting customers that could potentially be impacted.”It remains unclear if the app has any other such unprotected servers containing additional data. TeenSafe claims to have over a million parents using the service and if there are any more such servers all of the users could in turn be affected by a data breach.

Pranob Mehrotra

Add new comment

Name

Email ID

Δ

01

02

03

04

05