U.S. Markets open in 9 hrs 11 mins

Thousands of Apple ID passwords were just leaked by a teen phone monitoring app

Jacob Siegal

While many children understandably view it as a nuisance, smartphones give parents the ability to track their location when they leave the house. Kids may see it as a violation of privacy, but it can put a parent’s mind at ease, especially if there is an emergency and they need to find their kid right away. But when it comes to location tracking, parents and children need to trust the tools they’re using, and one popular app might have eroded that trust for good.

Over the weekend, ZDNet reported that UK-based security researcher Robert Wiggins had discovered that mobile app TeenSafe — which allows parents to check their kids’ location, call logs, texts, and more — left two of its servers hosted on Amazon’s cloud unprotected, exposing tens of thousands of user accounts.

Don't Miss: The soda can-sized portable home theater everyone loves is Amazon’s deal of the day

“We have taken action to close one of our servers to the public and begun alerting customers that could potentially be impacted,” a TeenSafe spokesperson told ZDNet after the publication altered them to the leak.

As ZDNet explains, the database in questions contains parents’ email addresses, as well as the corresponding Apple ID email addresses of their kids, the name of their device, and the device’s unique identifier. Plaintext passwords for the children’s Apple accounts are stored on the server as well, and the app requires two-factor authentication to be disabled. The good news is that the actual content on the phone (photos, texts, location data) was not accessible via the server, but all that a bad actor would need to do to find the content would be to log into the Apple account.

TeenSafe claims that over one million parents use its app, and it’s unclear how many of them may be affected by this leak. ZDNet says that 10,200 records appeared on the server from the past three months, but some of those might be duplicates. Either way, if you’ve ever used the app, change your passwords ASAP.

BGR Top Deals:

  1. The soda can-sized portable home theater everyone loves is Amazon’s deal of the day
  2. Today’s best deals: Roku, Fire TV, $17 Crock-Pot, smart toilet, Apple AirPods, Nest Thermostat, more

Trending Right Now:

  1. This app hacked the iPhone’s dual camera system, and you’ve never seen anything like it
  2. OnePlus 6 review: 6 things I like about the new OnePlus flagship, and 3 things I hate
  3. OnePlus 6 is faster in real-life tests than the iPhone X and Galaxy S9+

See the original version of this article on BGR.com