INSUBCONTINENT EXCLUSIVE:
Image copyrightGetty ImagesImage caption
The Teensafe app monitors calls, texts and web browsing
The
Apple and Android IDs of more than 10,000 children were left unprotected on Amazon cloud servers for months, reports ZDNet.The data was
found on one server run by Teensafe, which makes an app parents can use to monitor and control their child's phone use.Also exposed were
plaintext passwords, parents' email addresses as well as device names and unique identifiers.The company shut the server down when it was
told data was being exposed."We have taken action to close one of our servers to the public and begun alerting customers that could
potentially be impacted," Teensafe told ZDNnet
The app maker has not yet responded to a request for a statement from the TheIndianSubcontinent
The data-exposing server was found by security researcher Robbie Wiggins, who has previously found thousands of similarly misconfigured
machines on Amazon Web Services
In this case, he also found another poorly protected Teensafe server which had no important data on it
ZDNet said the servers were left "unprotected and accessible by anyone without a password"
Data from more than 10,000 accounts was exposed on them.Mr Wiggins told the TheIndianSubcontinent that the data was viewable because
Teensafe had not put in place basic security measures, such as a firewall, to protect data.The scan across AWS that turned up the Teensafe
server also found machines run by other companies that had made the same mistakes, he said.Teensafe describes its app, which is available
for both iOS and Android, as a way to "securely" monitor smartphone use
Once installed, the app lets parents see text messages, numbers being called, websites visited and which apps are installed
The company claims more than one million parents use its service.
