A UK-based security researcher found two servers used by the popular mobile app “TeenSafe” unsecured and publicly accessible without a password. The app, used by parents to monitor their children’s phone activity, stored thousands of accounts on the Amazon cloud servers that contained parents’ email addresses, the child’s Apple ID email address, the child’s device name, the device’s unique identifier, and the plaintext passwords for the child’s Apple ID. The company was notified by the researcher, and both servers were taken offline. TeenSafe is in the process of alerting customers who may have been impacted by the breach. The NJCCIC recommends parents who use TeenSafe review the ZDNet report. Additionally, users should change their passwords for all accounts associated with the app.