5.5 KiB
| title | chunk | source | category | tags | date_saved | instance |
|---|---|---|---|---|---|---|
| 2024 Mobile Guardian security breach | 1/1 | https://en.wikipedia.org/wiki/2024_Mobile_Guardian_security_breach | reference | science, encyclopedia | 2026-05-05T14:36:23.932997+00:00 | kb-cron |
The 2024 Mobile Guardian security breach was a cybersecurity incident that affected Mobile Guardian, a mobile device management platform. In August 2024, Mobile Guardian experienced a cyberattack that affected users in multiple countries. As a result, multiple students in various countries lost a significant portion of their data in their personal learning devices (PLD). In response, the Ministry of Education (MOE) removed the Mobile Guardian application from all student devices, and terminated its contract with Mobile Guardian.
== Background == Mobile Guardian is a cloud-based mobile device management (MDM) platform developed by Mobile Guardian Limited. The MDM was founded in 2011, and is headquartered in Reigate, Surrey. The platform was designed for K–12 schools and parents. The service has been adopted by schools internationally, including its appointment as the MDM vendor for ChromeOS and iOS devices in Singaporean schools. Mobile Guardian has been used by schools in North America, Europe, the Middle East and Singapore. The app is used by 2,500 schools in over 50 countries worldwide.
=== Previous incidents === From April to July 2024, Mobile Guardian experienced multiple cybersecurity incidents prior to the cybersecurity breach that happened in August 2024. In April 2024, the company disclosed unauthorised access to its user management portal. The names and e-mail addresses of parents and school staff from five primary and 122 secondary schools were accessed in Singapore. The Singaporean MOE lodged a police report, and informed all affected parents and teachers. The MOE stated its DMA was unaffected. On 30 May 2024, a potential vulnerability of the Mobile Guardian application was reported to the MOE. According to the MOE, it had been previously patched. In June 2024, an independent certified penetration tester further confirmed the issue had been fully resolved. On 30 July 2024, the DMA experienced glitches. Students with it installed on their PLDs reported issues with switching off or on their devices, and connecting to the Wi-Fi. In total, over 1000 students from at least five MOE secondary schools were affected. On 1 August 2024, Mobile Guardian rolled out an update to all app users to resolve the issue. Investigations by Mobile Guardian found that the incident was due to a human error in configuration.
== Incident == On 4 August 2024, Mobile Guardian was alerted to suspicious activity on the platform, and detected unauthorised access to its system at 10pm Singapore time. MOE was also alerted by some schools at nighttime on the same day that students utilising iPads and Chromebooks as PLDs were unable to access their applications and information stored in their devices. Investigations later made by Mobile Guardian identified that a cyberattack occurred. The cyberattack had a global effect on users of the platform, including in North America, Europe and Singapore. This incident resulted in a portion of its userbase having their devices unenrolled from the platform. As a result, 13,000 Singaporean student devices from 26 secondary schools were remotely wiped. In total, data for 67,000 parents and 22,000 school staff was also accessed. According to MOE, the cybersecurity breach that occurred in August was unrelated to the glitch that happened on July. Mobile Guardian additionally stated, "There is no evidence to suggest that the perpetrator had access to users' data." The cybersecurity firm, Group-IB later reported that over 300 account credentials related to the Mobile Guardian administration appeared for sale, 70 of which were on sale in the dark web. Channel News Asia reported that several students stated concerns that the data breach would negatively affect the results of their upcoming O-Level examinations. The Singapore Examinations and Assessment Board (SEAB) also reported that 52 students taking the O-Levels for art had their coursework affected by the data breach.
== Response == In response to the cyberattack, Mobile Guardian temporarily halted its services, which resulted in users being unable to log in to the Mobile Guardian platform, and students using the DMA experiencing restricted access on their devices. The Singaporean Ministry of Education also deployed information technology (IT) roving teams, which included 300 additional IT engineers and staff, and provided supplementary learning resources to affected schools. The MOE also provided students who wanted to troubleshoot their own PLDs with instruction sheets as a form of guidance. The MOE removed the Mobile Guardian application from students' PLDs as a precaution and subsequently terminated its contract with the vendor. According to then Minister of Education Chan Chun Sing, about one in six of all affected users experienced data loss from the cyberattack. Fewer than five per cent of students were unable to recover all their data, as their devices had not been backed up prior to the security breach. In January 2025, Mobile Guardian was replaced as a DMA in all PLDs in Singaporean secondary schools. Jamf was implemented on iPads, whereas Lightspeed Systems was implemented on Chromebooks.
== See also == List of cyberattacks Educational technology 2024 in Singapore
== Notes ==
== References ==
== External links == Official website Mobile Guardian Help Center Mobile Guardian on the App Store Mobile Guardian on Google Play