A server stored teenagers' Apple ID email addresses and plaintext passwords [...] At least one server used by an app for parents to monitor their teenagers' phone activity has leaked tens of thousands of accounts of both parents and children.
[...] the Los Angeles, Calif.-based company left its servers, hosted on Amazon's cloud, unprotected and accessible by anyone without a password.
[...] The database stores the parent's email address associated with TeenSafe, as well as their corresponding child's Apple ID email address. It also includes the child's device name -- which is often just their name -- and their device's unique identifier. The data contains the plaintext passwords for the child's Apple ID. Because the app requires that two-factor authentication is turned off, a malicious actor viewing this data only needs to use the credentials to break into the child's account to access their personal content data.
"Technology has brought with it a world your child might not be ready for," the company tells us in a video. "Begin a free trial today!"
TeenSafe home page (archives and more archives)
(Score: 5, Insightful) by Sourcery42 on Monday May 21 2018, @07:36PM
It rather sounds like technology has brought with it a world these fuckwits aren't ready for either.