Hackers remotely wipe 13,000 students’ iPads and Chromebooks after breaching safety software

Avatar

Mobile Guardian, a company that specializes in providing security software for devices in education institutions, announced on Monday it suffered a “security incident” over the weekend which involved “unauthorized access” to those devices.

Customers have been affected on a global basis, including in North America, Europe, and, particularly egregiously, in the high-tech city-state of Singapore.

As proudly trumpeted on Mobile Guardian’s website, the company’s services are used by Singapore’s Ministry of Education (MoE) to protect all of the iPads and Chromebooks used by students in the country’s secondary schools.

The company, which has offices in both the United Kingdom and South Africa, confirmed that the “unauthorized access” resulted in “a small percentage of devices to be unenrolled from Mobile Guardian and their devices wiped remotely.”

Singapore’s MoE confirmed “based on preliminary checks, about 13,000 students in Singapore from 26 secondary schools had their devices wiped remotely by the perpetrator.”

It is not yet known whether other schools and enterprise customers have been similarly affected by the security incident, nor what effect the wiping will have on education in Singapore.

The country’s MoE said it was “working with schools to support affected students, including deploying additional IT roving teams to schools and providing additional learning resources.”

In addition, the government department stated it had “immediately registered strong concerns” with Mobile Guardian, and as a precaution would be removing the company’s software from students’ devices.

Mobile Guardian said it discovered the incident on 4 August, and effectively took its own platform down to prevent any further access.

“We understand how critical Mobile Guardian is to our educational institutions and we are fully committed to rectifying this issue,” the company stated. “We want to express our deepest apologies for any inconvenience this will have caused.”

CybercrimeGovernmentNewsNews Briefs
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Alexander Martin

is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.

 

Total
0
Shares
Previous Post

CyberDSA 2024

Next Post

Nearly 40 French museums reportedly affected by ransomware attack

Related Posts

Dark Caracal Uses Poco RAT to Target Spanish-Speaking Enterprises in Latin America

The threat actor known as Dark Caracal has been attributed to a campaign that deployed a remote access trojan called Poco RAT in attacks targeting Spanish-speaking targets in Latin America in 2024. The findings come from Russian cybersecurity company Positive Technologies, which described the malware as loaded with a "full suite of espionage features." "It could upload files, capture screenshots
Avatar
Read More

EncryptHub Deploys Ransomware and Stealer via Trojanized Apps, PPI Services, and Phishing

The financially motivated threat actor known as EncryptHub has been observed orchestrating sophisticated phishing campaigns to deploy information stealers and ransomware, while also working on a new product called EncryptRAT. "EncryptHub has been observed targeting users of popular applications, by distributing trojanized versions," Outpost24 KrakenLabs said in a new report shared with The
Avatar
Read More