A server stored teenagers' Apple ID email addresses and plaintext passwords [...] At least one server used by an app for parents to monitor their teenagers' phone activity has leaked tens of thousands of accounts of both parents and children.
[...] the Los Angeles, Calif.-based company left its servers, hosted on Amazon's cloud, unprotected and accessible by anyone without a password.
[...] The database stores the parent's email address associated with TeenSafe, as well as their corresponding child's Apple ID email address. It also includes the child's device name -- which is often just their name -- and their device's unique identifier. The data contains the plaintext passwords for the child's Apple ID. Because the app requires that two-factor authentication is turned off, a malicious actor viewing this data only needs to use the credentials to break into the child's account to access their personal content data.
"Technology has brought with it a world your child might not be ready for," the company tells us in a video. "Begin a free trial today!"
TeenSafe home page (archives and more archives)
(Score: 0) by Anonymous Coward on Tuesday May 22 2018, @12:56AM (2 children)
I'm a parent using an app to spy on my kid. Obviously I'm not thinking clearly so why would I question giving away my kid's password?
(Score: 0) by Anonymous Coward on Tuesday May 22 2018, @01:48AM (1 child)
(Score: 0) by Anonymous Coward on Tuesday May 22 2018, @09:15AM
If you're afraid that your child may start using drugs then you need more hands-on parenting. Monitoring their cell phone use is not going to prevent them from trying or using drugs.