• by Ray Schultz , May 21, 2018

TeenSafe, a brand that prides itself on protecting young people, has suffered a data breach that includes the email addresses of parents and teens, Apple ID passwords and other data.

Over 10,200 records were exposed, although some may be duplicates, according to reports.

The breach was discovered by British security expert Robert Wiggins and reported by ZDNet and other media.  

Available on iOS and Android, TeenSafe’s app helps parents monitor their children’s phone activity 

The breach reportedly occurred when two servers hosted on Amazon’s cloud service were exposed, allowing access without passwords.

A TeenSafe spokesperson told ZDNet that the firm has “taken action to close one of our servers to the public and begun alerting customers that could potentially be impacted." 

Gizmodo reports that individuals’ passwords were available in plaintext, with no encryption or hashing.

It also notes that with two-factor authentication turned off, malicious actors can break into a teen’s account.