The TeenSafe app data breach is irony at its finest
Who monitors the monitor?
TeenSafe is supposed to help parents keep their children safe. Instead, the monitoring service has suffered a massive data breach, according to ZDNet.
In an exclusive report, ZDNet notes that two servers running TeenSafe data had data compromised, although only one of those servers had actual user data installed. The app, for both iOS and Android, lets parents look at their kid’s text messages, location, calling information, and web surfing history.
For its part, TeenSafe promised to use encryption to scramble this data. Instead, the information was stored in plaintext.
As ZDNet explains:
The database stores the parent’s email address associated with TeenSafe, as well as their corresponding child’s Apple ID email address. It also includes the child’s device name — which is often just their name — and their device’s unique identifier. The data contains the plaintext passwords for the child’s Apple ID. Because the app requires that two-factor authentication is turned off, a malicious actor viewing this data only needs to use the credentials to break into the child’s account to access their personal content data.
In total, 10,200 records went unprotected, although the breach didn’t include content, including photos and messages. The data also doesn’t contain location information from parents or children.
If you’re a TeenSafe user, your best bet is to change your password and contact the company for the latest information. For now, TeenSafe will only say it was continuing to assess the situation and “will provide additional information” when it becomes available.
Data breaches, unfortunately, seem to happen all the time.
Just a few weeks ago, Grayshift, a company that unlocks iPhones for police, was hit. Two months ago, Under Armour announced 150 million MyFitnessPal users might have had personal information compromised. Before that, it was Panera Bread.
For more technology news, see: If you use the Ring video doorbell, there’s a new security flaw to worry about, and Unpatchable exploits for the Nintendo Switch found by security researchers.
Are you a parent that uses TeenSafe? What do you think about this new data breach? Let us know in the comments.