TeenSafe, a mobile app, popular with parents across the globe because it lets them monitor teen’s location and text messages, has reportedly leaked the data of thousands of Apple IDs on two Amazon servers.
Robert Wiggins, a security researcher, revealed these two leaky servers of Amazon, as reported by ZDNet. The researcher states that one of these servers had nothing except some test data, but the second one had enough data of both kids and parents like Apple ID, email addresses, and passwords.
It’s quite surprising as well as the TeenSafe app is considered quite secure and it even uses a two-factor authentication method to work on an iOS device. This makes it look difficult for an intruder to sign in with another Apple’s device to access teen’s iCloud data.
ZDNet reports that the among other servers that TeenSafe used, Amazon’s two servers were considered faulty. The data hosted by these servers was unprotected and remained easily accessible without the requirement of any password. When ZDNet alerted the company about their unprotected data, they responded by saying;
“We have taken action to close one of our servers to the public and begun alerting customers that could potentially be impacted.”
The media reports also affirm that no other private data such as messages, photos, or location history of both kids and parents were exposed to this leaky server.
TeenSafe has over 1 million active users only in the US, just to give you a glimpse of the app’s popularity, however, the data of only few thousand was exposed via the server.