TeenSafe smart device activity monitor exposed tens of thousands of passwords

Written almost 3 years ago by IanDorfman

A smartphone activity monitor called TeenSafe stored accounts of children of 7 to 17 years of age in plaintext format on their servers. Two of these servers have now been exposed, with tens of thousands of accounts (both Apple IDs and Google Accounts) and passwords being leaked in the process.

The server leak was originally discovered by Robert Wiggins and reported by ZDNet.

In order for TeenSafe to function, it requires that monitored accounts have two-factor authentication disabled, which makes it so the accounts being monitored are even more susceptible to these attacks.

TeenSafe has told ZDNet that it "will provide additional information" as it continues to evaluate the situation.