Skip to main content
Best News Website or Mobile Service
WAN-IFRA Digital Media Awards Worldwide 2022
Best News Website or Mobile Service
Digital Media Awards Worldwide 2022
Hamburger Menu

Advertisement

Advertisement

Singapore

Personal information of parents, staff at 127 schools accessed in data security breach

The incident concerns Mobile Guardian, a device management app installed on personal learning devices used by students, like iPads and Google Chromebooks.

Personal information of parents, staff at 127 schools accessed in data security breach

Mobile device management company Mobile Guardian was hit by a data breach on Apr 17, 2024. (Photo: iStock)

New: You can now listen to articles.

This audio is generated by an AI tool.

SINGAPORE: A data breach at one of its vendors has resulted in the "unauthorised access" of names and email addresses of parents and staff from five primary schools and 122 secondary schools, the Ministry of Education (MOE) said on Friday (Apr 19). 

MOE said it was notified by Mobile Guardian that its user management portal had been breached on Wednesday, with the incident occurring at the company's headquarters in Surrey, United Kingdom. 

Mobile Guardian is a device management app (DMA) installed on personal learning devices used by students, like iPads and Google Chromebooks. The app enables parents to manage students’ device usage by restricting applications or websites and screen time. 

In response to CNA's queries, MOE said Mobile Guardian's management portal is used for administrative purposes such as account licensing and handles only user name, email address, time zone, school name and whether the user was a parent or school staff.

MOE added that its own device management app was not affected by the data breach as it is separate from Mobile Guardian’s user management portal and "remains safe for use".

The app is managed in Singapore and users have a different set of accounts, it said.

"There is no evidence of unauthorised access into the MOE DMA. Parents whose students use the iPad or Chromebook can continue to use the DMA as usual," it said.

The ministry told CNA that as of Friday night, it has informed all parties whose names and email addresses may have been exposed so that they "stay vigilant to any phishing emails they may receive".

"If parents have not received any email thus far, it means that they are not affected. Schools using other devices are not affected and will not be receiving any emails on this matter," said MOE.

The ministry added that it has expressed its concerns to Mobile Guardian and that a police report has been lodged. 

Mobile Guardian was appointed as MOE's official mobile device management services vendor in November 2020. 

In response to the incident, Mobile Guardian has implemented further security measures, such as locking down all administrative accounts. It apologised for the breach.

The mobile device management software company told CNA that its investigations showed that an unauthorised entry occurred using an administrative account on its management portal.

"The account was immediately suspended and a thorough forensic analysis was initiated to identify any data that may have been accessed," it said in response to CNA's queries.

The compromised account had "limited access" to Singapore and US customers' data, it added.

"Please note that due to security reasons, we are unable to disclose certain information that could potentially compromise the future security of our platform. Nevertheless, we have identified and improved certain processes to further strengthen our security measures," the company said.

CNA has contacted the Personal Data Protection Commission (PDPC) for more information. 

Source: CNA/sn

Advertisement

Also worth reading

Advertisement