The Ministry of Education (MOE) in Singapore has announced the removal of the Mobile Guardian application from all students’ personal learning devices following a global cybersecurity breach.
Mobile Guardian is a device management app that allows parents to control their children’s device usage by restricting applications, websites, and screen time.
The breach affected approximately 13,000 secondary school students from 26 secondary schools across the nation.
Devices remotely wiped
The perpetrators remotely wiped the devices of the affected students, disrupting access to their apps and stored information.
In a media statement on Monday (Aug 5), the MOE reported that it was alerted by schools late Sunday night about the issue.
The affected students, who use iPads or Chromebooks as personal learning devices, were unable to access their apps and information.
Breach detected on Sunday
Mobile Guardian confirmed it detected unauthorized access to the iOS and ChromeOS devices enrolled on its platform at 10 pm Singapore time on Sunday.
The breach affected users globally, including those in North America, Europe, and Singapore.
“This resulted in a small percentage of devices being unenrolled from Mobile Guardian and wiped remotely. There is no evidence to suggest that the perpetrator had access to users’ data,” Mobile Guardian reported on its website.
Precautionary Measures
MOE’s Response
“MOE immediately registered strong concerns with Mobile Guardian,” the ministry stated. “Mobile Guardian’s investigations found that there had been a global cybersecurity incident involving unauthorized access to its platform that affected their customers globally, including those in Singapore.”
As a precaution, MOE will remove the Mobile Guardian Device Management Application from all iPads and Chromebooks.
Efforts are underway to safely restore these devices to normal usage. The ministry is also considering other measures to regulate device usage to support learning during this period.
Support for affected students
MOE acknowledged the concerns and anxiety among students due to the incident and assured that it is working with schools to support affected students.
Additional IT roving teams will be deployed to schools, and extra learning resources will be provided.
The incident is unrelated to the earlier technical issues that students faced at the end of July, which were caused by a human error in configuration by Mobile Guardian
Security breached for 2nd time
This cybersecurity breach follows a similar incident in April, where the personal information of parents and staff members from 127 schools was accessed through Mobile Guardian in a data security breach.