NEWS
Surveillance App Stored Teens' Apple IDs on Unprotected Servers
2009
2018-05-21
Posted by 3uTools

An app meant to let parents monitor the phone activity of teenagers was until recently saving the latter's Apple ID passwords in unprotected plaintext form, a report revealed on Sunday.


Surveillance App Stored Teens' Apple IDs on Unprotected Servers


The information collected by TeenSafe was hosted on Amazon servers, and also included device identifiers and the email addresses of parents, ZDNet said, crediting the discovery to U.K. researcher Robert Wiggins. Those servers have been temporarily pulled offline, and a TeenSafe representative stated that the company has begun notifying anyone who might be impacted.


At least 10,200 records from the past three months contained customer data, though some were duplicates.


TeenSafe markets itself as a secure, encrypted way for parents to track call, Web, and location histories, as well as read text messages, even deleted ones. 


Using the app to track a teen's iPhone requires that they have two-factor authentication turned off, though, which means that any hacker who discovered the plaintext passwords could hijack a teen's Apple ID and view private content.


It's not known if any malicious attacks have been launched, but some of the affected customers had already changed their account data prior to being alerted.


Source: appleinsider

Related Articles
Unlikely ‘iPhone SE 2’ with iPhone X Design Surfaces in New Video A New Phishing Attack Could Trick your Apple ID Password It has 423 uncracked Apple devices in Manhattan evidence room Apple's Warranty Coverage Check Website Briefly Demanded Apple ID for Access Apple's iTunes Remote Updated With Two-Factor Authentication Apple’s My Support Page is Back With New Design Apple Email Encourages Trade-in Upgrades to iPhone 7 Ahead of 'iPhone 8' iCloud Users Receive Unexpected Subscription Discontinuation Alerts