Become a MacRumors Supporter for $25/year with no ads, private forums, and more!

MacRumors

macrumors bot
Original poster
Apr 12, 2001
52,093
13,710



ZDNet reports that a server used by an app for parents to monitor their teenagers' phone activity has leaked tens of thousands of login credentials, including the Apple IDs of children.

The leaked data belonged to customers of TeenSafe, a "secure" monitoring app for iOS and Android that allows parents to view their child's text messages and location, call history, web browsing history, and installed apps.

teensafe.jpg

The customer database was reportedly stored on two servers hosted by Amazon Web Services, where it remained unprotected and accessible without a password. The discovery was made by a U.K.-based security researcher specializing in public and exposed data, and the servers were only taken offline after ZDNet alerted the California-based company responsible for the TeenSafe app.
"We have taken action to close one of our servers to the public and begun alerting customers that could potentially be impacted," said a TeenSafe spokesperson told ZDNet on Sunday.
The information in the exposed database included the email addresses of parents who used TeenSafe, the Apple ID email addresses of their children, and children's device name and unique identifier. Plaintext passwords for the children's Apple ID were also among the data set, despite claims on the company's website that it uses encryption to protect customer data.

teensafe-1.jpg

Compounding the lax security is the app's requirement that two-factor authentication is turned off for the child's Apple account so that parents can monitor the phone without consent. This means a malicious actor could potentially access a child's account using the login credentials that were stored on the exposed server.

TeenSafe counts over a million parents as customers, although the database was reportedly limited to 10,200 records gleaned from the past three months of customer usage. The company said it would continue to assess the situation and provide additional information to customers as soon as it became available.

Article Link: Thousands of Apple ID Passwords Leaked by Teen Phone Monitoring App Server
 
  • Like
Reactions: karazelle

Nuvi

macrumors 65816
Feb 7, 2008
1,041
473
Interesting, just yesterday Apple requested me to change my Apple ID password. I’m not sure if this due to fact that my young daughter also has Apple ID and this was just precautionary measure or if it’s just routine for Apple to request password change if the password is very old. However, I have never used “Teen Safe” or any similar service. In any case I have had two factor authentication activated since it became available so I’m sure there hasn’t been attempts to access my account.
 
Comment

JSt83

macrumors member
Jan 6, 2014
56
64
Because of thir limited life experiences, kids will do stupid things. Monitoring apps have place, but they are certainly no substitution for the large investment of parental time it takes to mold a child into an adult.
Molding a child into an adult, now that sounds fun!
 
  • Like
Reactions: Fiachers
Comment

djcerla

macrumors 68000
Apr 23, 2015
1,972
9,007
Italy
Jesus H, this product is abominable. True helicopter parent dystopian BS. Just let kids be kids!

Having the app installed, with the kid agreeing with it, does not necessarily mean using it.

In Italy we have average speed control on sections of motorways; it’s not clear when they’re active or not, and most of the times they’re not. But the mere presence of the portals managed to dramatically reduce speeding and the number of casualties (as much as 70%).
 
Comment

elvisimprsntr

macrumors 6502
Jul 17, 2013
374
494
Florida
Incompetence and negligence.

Good luck getting any form of compensation or refund.

https://www.teensafe.com/helps/terms/

Indemnification. You agree to indemnify, defend and hold TeenSafe and the Related Parties harmless from any and all claims, demands, damages or other losses, including reasonable attorneys’ fees, resulting from or arising out of your use of the Site, the Software and/or the Service or any breach by you of this ToU or any other policies that TeenSafe may issue for the Site, the Software and/or Service from time to time.
 
Last edited:
Comment

SoundJudgment

macrumors regular
Jul 3, 2017
166
177
Yet, somehow everyone will twist this all around and claim it was 'Apple's fault.'
Who wants to go first??
 
  • Like
Reactions: tyasjs
Comment

Nuvi

macrumors 65816
Feb 7, 2008
1,041
473
Molding a child into an adult, now that sounds fun!

For better or worse, that’s what the parents are always doing. Doesn’t matter if they do it knowingly or not, it’s the job the parents singed for when they decided to create life.

Regarding “parenting apps”, they have their place in modern society. However, they can be used to extend the trust or ruin it completely.
 
Comment

CoelhoJSJD

macrumors newbie
May 21, 2018
2
3
Wrong. You need pay close attention to how this is worded. Please note, almost all indemnification clauses which are vague and unilateral; such as this one, will never hold in court.

Following the quote from the website:

Indemnification. You agree to indemnify, defend and hold TeenSafe and the Related Parties harmless from any and all claims, demands, damages or other losses, including reasonable attorneys’ fees, resulting from or arising out of your use of the Site, the Software and/or the Service or any breach by you of this ToU or any other policies that TeenSafe may issue for the Site, the Software and/or Service from time to time.

What has ensued was a breach of trust by the provider and had nothing to do with the user base.

P.S. This application is heinous.
Incompetence and negligence.

Good luck getting any form of compensation or refund.

https://www.teensafe.com/helps/terms/
 
Last edited:
  • Like
Reactions: tooloud10
Comment

nwcs

macrumors 68020
Sep 21, 2009
2,036
2,799
Tennessee
If you need to monitor every detail of your teens life, then you already screwed up when they were just a toddler.

And are you kidding me with the plaintext passwords? Who wrote this app? Some teenager?
It’s not always that simple. I was just on a jury panel a couple of weeks ago of a murdered 16 year old. If her parents had access to the info that was exchanged between their daughter and her boyfriend/murderer then perhaps she would be alive. She showed various messages and things to her friends but when asked why the friends didn’t do anything they basically said they hadn’t gotten around to it. As one of them said, “I guess hindsight is 20/20.”

Yes, sometimes it is bad parenting but it’s too easy to just blame the parents — a well that never seems to run dry these days. Just consider that sometimes it is the kids — even with the parents’ best efforts.
 
Comment

Piggie

macrumors G3
Feb 23, 2010
8,718
3,291
Jesus H, this product is abominable. True helicopter parent dystopian BS. Just let kids be kids!

What you mean take their phones away totally and let them grow up, as children have done for the past couple of million years as well rounded, normal human beings, without worrying, and staying up and night due to what someone may say about them, or needing to broadcast their every action to social media for their friends to see?

Yes. Let's take the dam phones away and let them grow up as well adjusted people before the curse of the mobile phone it thrust into their lives.
 
Comment

Fender2112

macrumors 65816
Aug 11, 2002
1,092
300
Charlotte, NC
As I read these comments, it's easy to tell who are parent's and who are not.

To those who are not, you really have no basis to be criticizing a parent for monitoring their child's activities. As long as I am responsible for my children, I will do what I can to monitor and protect them even if that means they give up a little privacy.
 
Comment
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.