Data breach in app gave access to children's plaintext Apple ID passwords
A data breach at a child monitoring app revealed that it stored plaintext passwords of parents and children on unsecured servers. The unsecured servers have since been taken offline. It is unknown whether malicious parties have exploited the vulnerability.
The servers held personal data of ten thousand users, although it is unknown how many of those records were duplicates, ZDNet reports. The plaintext passwords gave direct access to the children's Apple IDs, because the app requires two-factor authentication to be disabled. As a result, malicious parties could log in with the data. The app in question is TeenSafe, which claims to have a million users and aims to give parents insight into what children are doing with their iPhone.
ZDNet contacted several parents whose data was on the server, who confirmed the correctness of the data and passwords. Another server turned out to only contain test data. ZDNet got the tip from a British security researcher.
Storing the passwords in plaintext contradicts TeenSafe's claim on its own site, where the company says it uses encryption to store data. The servers are offline. In a response, the company says it will reveal more information as it becomes available.