TeenSafe App Leaked Thousands of Apple ID Accounts
- Salman Ahmed
- May 21st, 2018
According to ZDNet, TeenSafe app that assists parents to keep a check on their children activities on different social platforms and on a smartphone has leaked data through an open source server.
Moreover, according to ZDNet officials, there are almost 10,200 accounts, which have been breached through this leaked open source server.
TeenSafe app itself is created to provide secure monitoring feature that is available on both iOS and Android platform to allow parents to keep an eye on their children smartphone activities (such as text and call log history, and their location).
The server that leaked TeenSafe users data (both parents and children) is hosted on Amazon’s Cloud platform, which was left as an open source for all. It means anyone can access user’s data without any security question or password.
After the confirmation of TeenSafe data leak, the official team told ZDNet “We have taken action to close one of our servers to the public and begun alerting customers that could potentially be impacted…”
A UK based cybersecurity expert, Robert Wiggins was first to revealed the news about TeenSafe server leak. Additionally, he also told that the data of TeenSafe users was breached that was stored in the form of plain text (such as text messages, emails, Apple ID accounts and passwords).
The good news is that only plain-text data has been breached but according to Robert Wiggins, the plaintext data also includes users’ devices (IMEI) number series. However, there is no evidence found related to the leakage of app content (such as messages, photos and videos) which was stored on the open source server.
But the point that bothers us the most is that the data which was breached also include Apple ID credentials. It means anyone can access users ID since TeenSafe app requires 2FA (Two Factor Authentication) to be turned off.
However, according to the TeenSafe official, the leaked servers have been already been shut down and also reported “At least 10,200 records from the past three months containing customers data – but some are duplicates stored on the server.”
Apps as TeenSafe collect a massive amount of user’s data to provide this kind of security and tracking services. However, the way TeenSafe app creators showing lack of interest in making users data safe and secure raises a significant concern.
After all these kind of incidents, the official IT legal authorities should take an initiative on a state level to make these apps responsible and maintain the privacy of users. In case they failed, there must be a policy to take legal action against them.