Leave a comment

Parental control app database exposed, leaving kids' information compromised

Parental control app database exposed, leaving kids' information compromised
© Artur Szczybylo | Dreamstime.com

As a parent or grandparent, there is nothing more important than keeping children safe. Making sure they are protected was hard enough before we entered the digital age. It's more difficult than ever now.

That's because we don't just have to worry about their safety when they're out with friends. No, now we have to worry about online predators, bullies and every other scary thing trolling the internet.

Which is why many of us have turned to technology to lend a helping hand. Parental control apps are designed to monitor kids' online activity. Now for the scary news. One of these app's database has been left unprotected, leaving kids' information exposed.

Children's data exposed

I'm talking about the app, TeenSafe. It's an app parents use to monitor their children's texts messages, location, who they're calling, as well as keep track of their online activity. The app also lets parents know what other apps have been installed on their kids' devices.

A security researcher recently discovered that the company behind TeenSafe left at least one of its servers exposed. The server is hosted by Amazon's cloud and was left unprotected, meaning anyone who stumbled across it could access it without a password.

The exposed server contained a database with sensitive information. Here's the data left out in the open:

  • Parent's email address associated with TeenSafe.
  • Child's Apple ID email address.
  • Child's gadget name - which serves as its unique identifier.
  • Plaintext passwords for the child's Apple ID - This one is bad. TeenSafe requires that two-factor authentication is turned off. That means a scammer who finds this info could access the child's account to access personal data.

TeenSafe boasts over 1 million parents who use its service. The company claims that it is secure and supposedly uses encryption to hide data like that which was exposed. Apparently that's not the case because the exposed data was in plain text.

Responding to data breaches

Whenever you hear about data breaches like this, there are safety steps that you should take. Keep reading to learn what to do.

Change your password

Whenever you hear news of a data breach, it's a good idea to change your account passwords. This is especially true if you use the same credentials for multiple websites. If your credentials are stolen from a breach, criminals can test them on other sites to log into those accounts as well. Read this article to help you create hack-proof passwords.

Beware of phishing scams 

Scammers will try and piggyback on data breaches like this. They will create phishing emails, pretending to be from the affected company, hoping to get victims to click on malicious links that could lead to more problems. You need to familiarize yourself with what phishing scams look like so you can avoid falling victim to one. Take our phishing IQ test to see if you can spot a fake email.

Keep an eye on your bank accounts 

You should already be frequently checking your bank statements, looking for suspicious activity. It's even more critical when credit and debit card information has been exposed through a data breach. If you see anything that seems strange, report it immediately. It's the best way to keep your financial accounts safe. If your card was breached, your bank will issue you a new one.

Set up two-factor authentication 

Two-factor authentication, also known as two-step verification, means that to log into your account, you need two ways to prove you are who you say you are. This is an extra layer of security that will help keep your accounts safe. Click here to learn how to set up two-factor authentication.

Investigate your email address 

This is a critical step and it will only take a few seconds of your time. You need to know if your credentials are part of any recent data breach. The best way to find out if you're impacted is with the Have I Been Pwned website. 

It's an easy-to-use site with a database of information that hackers and malicious programs have released publicly. It monitors hacker sites and collects new data every five to 10 minutes about the latest breaches. You can even set up alerts to be notified if your email address is impacted in the future. Click here to find out if your email address has been compromised.

Speaking of data, find out what information Apple has collected on you

It's good to know exactly what information companies have on you. Apple will let you see what data of yours it keeps.

Click here to learn how to find out what it knows.

Next Story
Facebook promises fail:  Site can't control fake news and viral lies after Sante Fe school shooting
Previous Happening Now

Facebook promises fail: Site can't control fake news and viral lies after Sante Fe school shooting

Watch out! New cryptojacking malware destroys your computer
Next Happening Now

Watch out! New cryptojacking malware destroys your computer

View Comments ()