Teen Phone Monitoring App Leaked Thousands of User Passwords

[Megalith]

Data breaches are nothing new, but this one deserves a little more attention since it involves plaintext passwords. Mobile app TeenSafe, which lets parents snoop at their kids’ text messages and web browsing history, had mistakenly left its servers accessible by anyone without a password.

The database stores the parent's email address associated with TeenSafe, as well as their corresponding child's Apple ID email address. It also includes the child's device name -- which is often just their name -- and their device's unique identifier. The data contains the plaintext passwords for the child's Apple ID.

 

[sfsuphysics]

See who needs to worry about quantum computers breaking encryption!

 

[Spidey329]

How do you not at the least hash the passwords? Incompetence all around on this one.

 

[knowom]

maybe just don't buy your teen age kid smart phones next time and/or respect their privacy...

 

[gxp500]

maybe just don't buy your teen age kid smart phones next time and/or respect their privacy...

Buuuut mommmmm everyone has an iphone, i needs it too!
If they want privacy they can buy their own $1000 phone.

 

[Lakados]

So something that lets you invade others privacy has a security problem. Colour me shocked!!!

 

[AK0tA]

online security is much like the stock market for the average Joe home investor. Invest today market crash tomorrow and sweep your account, repeat. To me online security is just a hoax to get you to put your information out there in the first place.

 

[SvenBent]

and the government punishes them how?

so much effort on getting joe bloe in prison because he got addicted to a substance. so little on companies just screwing over people.

 

[katanaD]

So something that lets you invade others privacy has a security problem. Colour me shocked!!!

no.. no.. no


your seeing this all wrong.

being so open and easy to access is a FEATURE of the product. To allow those who have technical short comings easy access to the data they need.

 

[PaulP]

You can be sure that any app with the word "secure" in it is not.

 

[knowom]

So concerned about privacy they gave their real name and real email address oops...