MDM vendor Mobile Guardian attacked, leading to remote wiping of 13,000 devices

Singapore Ministry of Education orders software removed after string of snafus

UK-based mobile device management vendor Mobile Guardian has admitted that on August 4 it suffered a security incident that involved unauthorized access to iOS and ChromeOS devices managed by its tools, which are currently unavailable. In Singapore, the incident resulted in 13,000 devices being remotely wiped and saw the nation's Education Ministry cut ties with the vendor.

Mobile Guardian focuses on the education sector – offering device management, web filtering, and classroom management tools.

The vendor has advised customers that the August 4 attack "resulted in a small percentage of devices to be unenrolled from Mobile Guardian," which somehow led to remote wiping. Customers in Europe and North America are also at risk.

"There is no evidence to suggest that the perpetrator had access to users' data," the advisory assures.

But one big user is nonetheless angry.

Singapore's Education Ministry, which became a Mobile Guardian customer in 2020, revealed on Monday that some 13,000 school students' devices were wiped. The Ministry subsequently ordered the removal of Mobile Guardian's software from its devices as a precautionary measure.

The Ministry considering alternative ways to secure devices while Mobile Guardian's troubles persist. In the meantime, it has deployed additional "roving" IT teams to assist schools and students.

"We understand that students are naturally concerned and anxious about the incident," the Ministry wrote, in a masterpiece of understatement.

Mobile Guardian has had a difficult few months.

In April, another unauthorized access incident saw names and email addresses of parents and school staff from 127 Singaporean schools exposed.

Last week, Singaporean students faced a technical issue that prevented some students from connecting to the internet on iPads. That root cause was found to be a configuration error.

Both MoE and Mobile Guardian have confirmed the latest cyber attack is unrelated to the configuration error incident. ®

More about

TIP US OFF

Send us news


Other stories you might like