Teen phone tracking app exposed thousands of Apple accounts


Parents understandably pour a lot of trust into apps that monitor their kids' activity. That makes it all the more painful when there's a lapse in security, and that's unfortunately the case today. Security researcher Robert Wiggins discovered that TeenSafe, a mobile app that lets parents track teens' locations and text messaging habits, left the data thousands of accounts exposed on two Amazon servers. One of them held nothing but test data, but the other included kids' Apple ID email addresses and passwords, not to mention the email addresses of the parents.That's serious enough by itself, but it's compounded by the way TeenSafe works. You have to turn off Apple's two-factor authentication to use TeenSafe on an iOS device, making it easy for an intruder to sign in with another device and look at a teen's iCloud data.
To its credit, TeenSafe told ZDNet it had shut down the relevant server and started warning customers that might be affected. The problem, as you might surmise, is that it took Wiggins' findings for the company to lock things down. Data privacy is important for any service, but it's crucial for child-oriented apps where many of the users are particularly vulnerable and inexperienced.

Comments

  1. MarthaMay 15, 2020 at 7:20 AM

    I have a 15 year old daughter and should say that the spying app mspylite is super useful for me. It gives the opportunity to track where is my child now, see her browse history , calls and messages.
    I don't read her personal messages from friends but there was one boy who blackmailed her so the app was pretty handy and that's good I noticed from the very beginning.

    ReplyDelete

Post a Comment