Teen Phone Monitoring App Compromised (Via ZDNet)
To parents with teenagers, life isn’t always easy, and today it seems it just got a bit harder for parents who use the monitoring app Teen Safe.
The app Teen Safe allows parents to monitor their child’s phone activity, such as call logs, texts, the phone’s location, and web history. The Teen Safe app has also had some controversy as per the app’s creators
At the same time, each family situation is unique, and you know what is best for your own child. Legally, it is up to your prerogative whether or not you choose to tell your child that you are using TeenSafe.
According to ZDNet, A researcher found that at least one of the servers that the app uses to store information was not protected and the information was available to anyone. On the server they found parents email accounts, as well as the child’s Apple ID email address, the device name of the hardware that was being monitored, the devices unique identifier, and the child’s Apple ID password in plain text. The last part is the big one, even though there was no actual data, like phones, or messages on the Teen Safe server, the fact that anyone could get the Apple ID and password means that anyone could sign into a child’s account and get their info.
The worse part of the situation is that the Teen Safe app requires that Apple’s two-factor authentication be turned off, so if someone has the credentials it would be very easy for them to access the account.
Its seems once ZDNet notified the app maker, they took steps to take the server that was open to be accessed by anyone offline, but who knows how many people had access to the information prior to ZDNet notifying them. For those who would like to read all the details of what ZDNet found, visit Teen phone monitoring app leaked thousands of user passwords
In any case if you or someone you know uses the Teen Safe app, you should be changing the password the parent’s email account used with the app as well as the log in password to the child’s Apple ID. I would also consider removing the app and turning on 2-factor authentication. You can visit the Tech Geek and More post How To Turn On Two Factor Authentication for more details on turning on 2 factor authentication.