In Brief

Teen tracking app leaks ‘thousands’ of user passwords

Personal data of parents and children were stored in plain-text form on a ‘leaky server’

TeenSafe, an app that lets parents monitor the location of their children, has leaked the account and password details for “tens of thousands” of its users. 

The security breach was uncovered by Robert Wiggins, a UK-based security researcher who searches for public and exposed data. He found two “unprotected” Amazon-hosted computer servers that were being used by the Los Angeles-based company behind the app, ZDNet reports. 

One of the servers stored the email addresses and Apple ID information of users, while the other appeared to contain “only test data”, according to the news tech site. TeenSafe took both servers offline after being informed about the leak. 

A TeenSafe spokesperson told ZDNet: “we have taken action to close one of our servers to the public and begun alerting customers that could potentially be impacted.”

Speaking to the BBC, Wiggins said TeenSafe had not employed “basic security measures” on the affected computer servers.

The app, available for iPhone and Android mobiles, uses tracking software that can be “downloaded by parents onto their child’s smartphone”, The Daily Telegraph says. 

Once installed, parents can use the software to monitor their children’ location, text messages and calls, as well as access their internet browsing history. 

What is “particularly concerning” about the leak is that the data had been stored in “plain-text form”, which was not protected by any form of encryption or firewall, says Digital Trends

This means hackers would have “little trouble accessing an exposed Apple ID account”, as they could simply copy the login details from the “leaky server”, the site says. 

The TeenSafe data breach is far from the first of its kind.

Companies including Facebook, Delta Airlines and the travel booking website Orbitz have been hit by leaks in recent months, reports  The Verge.  

Recommended

How DAOs work – and why they matter
Code on a computer
Getting to grips with . . .

How DAOs work – and why they matter

Lloyd vs. Google: what blocking of £3.2bn lawsuit means for tech users
UK Supreme Court
Why we’re talking about . . .

Lloyd vs. Google: what blocking of £3.2bn lawsuit means for tech users

Inside Israel’s facial recognition surveillance system
In Depth

Inside Israel’s facial recognition surveillance system

Millionaire ‘mugged’ of bitcoin fortune by masked raiders
Social media entrepreneur Zaryn Dentzel
Stranger than fiction

Millionaire ‘mugged’ of bitcoin fortune by masked raiders

Popular articles

Vladimir Putin and his mysterious love life
Vladimir Putin and his now ex-wife Lyudmila Putina
Profile

Vladimir Putin and his mysterious love life

Trump ‘upset his son won’t say he loves him’
Donald and Barron Trump
Tall Tales

Trump ‘upset his son won’t say he loves him’

Woman who married herself divorcing after meeting someone else
A wedding ring
Tall Tales

Woman who married herself divorcing after meeting someone else

The Week Footer Banner