Thousands of Apple ID accounts are leaked because an application's server has data leaks

Two of TeenSafe's servers, the monitoring application allows parents to monitor their activity on Android and iOS devices, stored on the Amazon cloud service with security issues.

Specifically, these two servers are not protected by passwords, meaning thousands of accounts of parents and children use TeenSafe risk of information disclosure.

This serious security vulnerability was discovered by security vendor Robert Wiggins. Although one of the servers is only for processing test data, another server contains 10,200 data records including the email address of the parent associated with an account / Apple ID address, device name. , the child's UDID number and password to access the Apple ID are not encrypted.

Importantly, TeenSafe requires users to turn off two-factor authentication for their child's Apple ID account so that parents have the right to monitor the phone without consent. This means hackers can use leaked information to break into accounts and collect data.

Immediately after receiving a warning about the vulnerability, TeenSafe closed one of the servers. Customers were also informed about the risks affected by the company.

See more:

1. Detecting an extremely dangerous vulnerability on nearly 16,000 iOS applications
2. Windows 10 April Update 2018 Update makes taskbar invisible
3. Virtual Assistant Google Assistant will support Vietnamese at the end of the year