A recent database error at uKnowKids.com exposed sensitive information (including full names, email addresses, text messages, images, social media account details, GPS coordinates and more) on approximately 1,700 kids, as well as the company's IP, according to a recent statement by the company's CEO, Steve Woda. The database exposure was discovered after being online for 48 days by security researcher Chris Vickery.
uKnowKids.com is an online service that helps parents monitor, and quickly analyse, their child's social networking and mobile phone activity, profiles, friends and more.
Ryan Wilk, director at NuData Security says, “This newly reported breach at uKnowKids.com comes hot on the heels of a plethora of other data breaches, and is a stark reminder that personal data is always a desirable target for hackers and, no matter how diligent a company’s efforts in data protection. While unfortunately uKnowKids was the target this time, the real damage comes from what happens to that data after the breach. Although uKnowKids has said that no financial details or login details were leaked, victims of a breach need to understand that every bit of information exposed is important. Fraudsters are learning that information obtained from various breaches can create more comprehensive 'identity bundles' which sell for a higher value to hackers. With more complete information, more fraud can take place. Given the widespread repercussions that fraud can have, the importance of fraud detection can not be overstated. To fight this companies need an enhanced method to protect themselves and their valued data. By focusing more on passive biometrics organisations can establish how legitimate account holders actually act, and through that be more secure in the knowledge that it is their real user accessing the account - whether it be for e-commerce sites, or higher risk areas. The data is out there, more of it every day. uKnowKids is another example and won’t be the last. That’s why it’s imperative for companies to change how they authenticate their users to preserve the trust and safety of their brand in the eyes of their customers.”