TeenSafe – an extensively used app by parents to monitor their children (mainly, the teens) globally has now done something shocking. It seems that the phone monitoring app poses threats to your own security as it reveals your data.
According to the recent discovery by a security researcher, this app leaked thousands of login credentials of its users. If you were using this app to monitor kids, then beware. Your account details might also have leaked online!
The news broke recently when Robbert Wiggins, a UK-based security researcher, found two leaky servers for TeenSafe. According to the report, TeenSafe has left its data unencrypted on Amazon’s cloud servers. Hence, anyone can access this data without a password. That is how Robbert Wiggins successfully revealed this shortcoming.
Robbert Wiggins is a UK-based security researcher who chases publicly exposed data on various locations.
The leaked data contained details of thousands of accounts of both the parents and the children. Precisely, the data exposed by this phone tracking app included about 10,200 login IDs and passwords.
TeenSafe is a phone monitoring application that helps parents keep an eye on their children. This app claims itself to be the ‘secure’ way to spy on your teens. Through TeenSafe, you can view all your child’s activities, such as the conversations (text messages), location, call logs, web browsing data and history, and all the apps that your child has installed in the cell phone.
TeenSafe is a ‘privacy-invasive’ app. It means that you do not need your child’s consent to monitor his/her cellphone. The app is particularly popular among the parents since it works well on both iOS and Android systems.
Although the app is virtually safe to use, the recent breakout of data raises questions on the security of its users’ data.
After being informed about this data breach, rather data leakage, TeenSafe was quick enough to pay attention to the matter. According to the report, the problem occurred due to their unsecured data servers. Precisely, it lacked the two-factor authentication feature.
As a result, thousands of accounts were put in danger, as it was easier to seep through and acquire all the login IDs, email addresses, and passwords. Virtually, anybody snooping through this data was able to sign in using these details and get access to their children’s information. So the authorities were quick enough to pull the servers offline. According to a TeenSafe spokesperson,
“We’ve taken action to close one of our servers to the public and begun alerting customers that could potentially be impacted.”
Fortunately, the leaked data merely consisted of account details. It had no traces of an individual’s private data, such the messages, photographs, and other sensitive data. However, we cannot rule out the possibility of accessing this data via using the login credentials by any scammer.
TeenSafe claims its service to be used by millions of parents globally. It, once again, ensures its users that their data remains safe with TeenSafe. It states on its website,
“TeenSafe employs industry-leading SSL and vormetric data encryption to secure your child’s data. Your child’s data is encrypted – and remains encrypted – until delivered to you, the parent.”
The swiftness of the TeenSafe authorities to take security measures to encrypt their users’ data is much appreciable. However, we are left with a plethora of questions and suspicions about the privacy, encryption, and vigilance of such phone-monitoring apps. Should we re-consider ‘again and again’ while using such apps? This question certainly deserves a well-researched answer!
Image courtesy of Pixabay