Datalek app gave access to plaintext passwords Apple ID children

May

21

2018

A data leak from an app to monitor children appeared to store plaintext passwords from parents and children on unsecured servers. The unsecured servers have now been taken offline. It is unknown whether malicious people have taken advantage of the leak.

There were personal data of 10,000 users on the servers, but it is unknown how many duplicates there were, ZDNet reports . The plaintext passwords gave direct access to the Apple ID of the children, because the app requires the disabling of two-stage authentication. This allowed malicious people to log in with the data. The app in question is TeenSafe, which says that it has a million users and that has the intention to give parents insight into what children do with their iPhone.

ZDNet contacted several parents whose data was on the server, who confirmed the accuracy of the data and the passwords. Another server only appeared to contain test data. ZDNet received the tip from a British security researcher.

Saving the passwords in plain text is at odds with the claim of Teensafe on its own site, on which the company states to use encryption to store data. The servers are offline. The company says in a comment to reveal more information when it becomes available.

TeenSafe server with sensitive info

In: Technology & Gadgets Asked By: [18778 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »


Star Points Scale

Earn points for Asking and Answering Questions!

Grey Sta Levelr [1 - 25 Grey Star Level]
Green Star Level [26 - 50 Green Star Level]
Blue Star Level [51 - 500 Blue Star Level]
Orange Star Level [501 - 5000 Orange Star Level]
Red Star Level [5001 - 25000 Red Star Level]
Black Star Level [25001+ Black Star Level]