Records for a mobile app that parents can use to monitor what their kids are doing online has been exposed in the latest Amazon Web Services cloud misconfiguration.
Thousands of accounts for TeenSafe, which is a mobile app that parents can use to monitor what their kids are doing online, have been exposed in the latest Amazon Web Services cloud misconfiguration.
According to a report from ZDNet, which verified the data breach, there were at least two servers left open to the internet without a password, with information easily available in plaintext.
The leaky servers were discovered by security researcher Robert Wiggins, who told ZDNet that the information trove contained parental email addresses, Apple ID information including emails and passwords, the name of the teen’s device and the phone’s unique identifier. Fortunately, no location information, nor photos or message content was made public, but the info that was on offer is certainly enough to mount a phishing expedition or log into an account and hijack it.
For More Details :
https://threatpost.com/teensafe-tracking-app-exposes-thousands-of-private-records/132152/
