ZDNet reports that TeenSafe, an app that helps parents monitor their teenager's phone usage and boasts over a million users, had an online database server that leaked over 10,000 customer records in plain text. These records contain the parent's email address and unique device ID, but also hold the child's device name and ID as well as their Apple ID and its password. To top off this bad news, using the app required two-factor authentication be turned off so everything a malicious person needs to break into a child's Apple account is readily available.
A TeenSafe spokesperson told ZDNet they have started to alert affected parties:
We have taken action to close one of our servers to the public and begun alerting customers that could potentially be impacted.
Robert Wiggins, a UK-based security researcher who scours the web looking for public and exposed user data found two TeenSafe servers he was able to access. The 10,200 record leak does contain some duplicate entries, but there are still thousands of Apple accounts exposed. None of the entries contain user-generated content such as photos or messages nor do they give any location data. They look to be error messages logged with the user credentials as their identifier in the database.
ZDNet used the parent's information to reach out and verify the expanse and severity of this data leak, though none of the children were contacted. The affected servers are no longer online though sample data is available at ZDNet.
If you use TeenSafe to monitor your child's activity you should contact the company through their website.
We may earn a commission for purchases using our links. Learn more.
iPhone 12's 'high-end' camera production 4-6 weeks behind schedule
Estimates suggest production is currently 4-6 weeks behind.
Analyst claims Apple has a 10-year lead in wearables, and that's being kind
Apple analyst Neil Cybart has a new, lengthy post up touting Apple's wearables market amongst other things.
Tim Cook agrees to testify before House antitrust committee
Tim Cook has agreed to testify before a house antitrust committee alongside the CEOs of Google, Facebook, and Amazon.
If you have run an Airbnb, you might need one of these smart locks
These smart locks provide both convenience and security for you and your guests at your Airbnb rental. Make managing things easier by assigning codes and app access with the best smart locks around.