"Hey Siri" support and possibly wireless charging case alongside AirPower charging mat.
Thousands of Apple ID Passwords Leaked by Teen Phone Monitoring App Server
ZDNet reports that a server used by an app for parents to monitor their teenagers' phone activity has leaked tens of thousands of login credentials, including the Apple IDs of children.
The leaked data belonged to customers of TeenSafe, a "secure" monitoring app for iOS and Android that allows parents to view their child's text messages and location, call history, web browsing history, and installed apps.
The customer database was reportedly stored on two servers hosted by Amazon Web Services, where it remained unprotected and accessible without a password. The discovery was made by a U.K.-based security researcher specializing in public and exposed data, and the servers were only taken offline after ZDNet alerted the California-based company responsible for the TeenSafe app.
Compounding the lax security is the app's requirement that two-factor authentication is turned off for the child's Apple account so that parents can monitor the phone without consent. This means a malicious actor could potentially access a child's account using the login credentials that were stored on the exposed server.
TeenSafe counts over a million parents as customers, although the database was reportedly limited to 10,200 records gleaned from the past three months of customer usage. The company said it would continue to assess the situation and provide additional information to customers as soon as it became available.
The leaked data belonged to customers of TeenSafe, a "secure" monitoring app for iOS and Android that allows parents to view their child's text messages and location, call history, web browsing history, and installed apps.
The customer database was reportedly stored on two servers hosted by Amazon Web Services, where it remained unprotected and accessible without a password. The discovery was made by a U.K.-based security researcher specializing in public and exposed data, and the servers were only taken offline after ZDNet alerted the California-based company responsible for the TeenSafe app.
"We have taken action to close one of our servers to the public and begun alerting customers that could potentially be impacted," said a TeenSafe spokesperson told ZDNet on Sunday.The information in the exposed database included the email addresses of parents who used TeenSafe, the Apple ID email addresses of their children, and children's device name and unique identifier. Plaintext passwords for the children's Apple ID were also among the data set, despite claims on the company's website that it uses encryption to protect customer data.
Compounding the lax security is the app's requirement that two-factor authentication is turned off for the child's Apple account so that parents can monitor the phone without consent. This means a malicious actor could potentially access a child's account using the login credentials that were stored on the exposed server.
TeenSafe counts over a million parents as customers, although the database was reportedly limited to 10,200 records gleaned from the past three months of customer usage. The company said it would continue to assess the situation and provide additional information to customers as soon as it became available.
Tag: security
[ 154 comments ]
Top Rated Comments
(View all)
8 months ago
Jesus H, this product is abominable. True helicopter parent dystopian BS. Just let kids be kids!
8 months ago
If you’re in need to use such kind of apps to monitor your children you’re in problems anyway.
8 months ago
As I read these comments, it's easy to tell who are parent's and who are not.
To those who are not, you really have no basis to be criticizing a parent for monitoring their child's activities. As long as I am responsible for my children, I will do what I can to monitor and protect them even if that means they give up a little privacy.
To those who are not, you really have no basis to be criticizing a parent for monitoring their child's activities. As long as I am responsible for my children, I will do what I can to monitor and protect them even if that means they give up a little privacy.
8 months ago
Jesus H, this product is abominable. True helicopter parent dystopian BS. Just let kids be kids!
Just saying.
8 months ago
I guess there's nothing like having your privacy violated to prepare you for adulthood.
8 months ago
Jesus H, this product is abominable. True helicopter parent dystopian BS. Just let kids be kids!
Because of thir limited life experiences, kids will do stupid things. Monitoring apps have place, but they are certainly no substitution for the large investment of parental time it takes to mold a child into an adult.
8 months ago
What kind of parents spies on their children text messages? That’s just wrong on so many levels ... boundaries people. if you don’t trust them enough to use their own phone privately. Maybe look yourself in the mirror and question what you did wrong rasing them.
8 months ago
Its already concerning enough when you have login credentials that have been explicitly exposed, but especially with the sensitivity of when it involves children’s information.
8 months ago
Jesus H, this product is abominable. True helicopter parent dystopian BS. Just let kids be kids!
What you mean take their phones away totally and let them grow up, as children have done for the past couple of million years as well rounded, normal human beings, without worrying, and staying up and night due to what someone may say about them, or needing to broadcast their every action to social media for their friends to see?
Yes. Let's take the dam phones away and let them grow up as well adjusted people before the curse of the mobile phone it thrust into their lives.
[ Read All Comments ]
The Catalyst Waterproof AirPods Case, designed to protect your AirPods case from liquids, is now available from the Apple online store and Apple retail locations.
Priced at $29.95, the...
Following the release of iOS 12.1.1 on December 5 and iOS 12.1.2 on December 17, Apple has stopped signing iOS 12.1, the previous version of iOS that was available to consumers.
iPhone, iPad,...
Christmas is now one week away, and shipping estimates will only become more of an issue for shoppers the closer the holiday gets. That's when e-mail delivery App Store and iTunes Gift Cards come...
Launch Center Pro, an app that offers quick access shortcuts for everyday tasks, today released a major update that adds quite a bit of new functionality.
Version 3.0 of the app introduces NFC...
As of today, Twitter is introducing a new option that will allow iOS users to easily view their tweets in a chronological order, a feature Twitter users have wanted for quite some time.
The...
Satechi today announced a new stand for the iMac, called the Type-C Aluminum Monitor Stand Hub. The accessory features seven built-in ports and an ergonomic design that the company says is aimed at...
Popular iPhone photo editing app Darkroom is today expanding to the iPad, marking the app's biggest update since its 2015 launch.
Darkroom has been rebuilt from the ground up to add support...
With the latest Apple Pay promotion you can save $20 on a future purchase from Nike, if you spend $100 or more in the Nike iOS app and pay for your order using Apple Pay.
The offer...
