A hacker has breached Mobile Guardian, a digital classroom management platform used worldwide, and remotely wiped data from at least 13,000 student’s iPads and Chromebooks.
Mobile Guardian, a ‘Google for Education’ partner, is a cross-platform (Android, Windows, iOS, ChromeOS, macOS) one-on-one solution for K-12 schools that offers a complete suite of device management, parental monitoring and control, secure web filtering, classroom management, and communications.
The platform announced it suffered a security breach on August 4, 2024, where a hacker gained unauthorized access to its platform, impacting its North American, European, and Singaporean instances.
This incident is unrelated to a misconfiguration that caused an IT outage on July 30, 2024.
As a result of the breach, Mobile Guardian says a small percentage of iOS and ChromeOS devices were wiped remotely, but there’s no evidence of data access or exfiltration.
“This [incident] resulted in a small percentage of devices to be unenrolled from Mobile Guardian and their devices wiped remotely,” reads the announcement, adding that “There is no evidence to suggest that the perpetrator had access to users’ data.”
The service has been suspended for now, so users cannot log in to the Mobile Guardian platform, and students are limited to restricted access on their devices.
Although Mobile Guardian says the incident only impacted a “small percentage of devices,” Singapore’s Ministry of Education says that the threat actor used the platform to wipe the iPads and Chromebooks of 13,000 students in the country.
“MOE immediately registered strong concerns with mobile device management company Mobile Guardian,” warned a press release from the Ministry of Education.
“Mobile Guardian’s investigations found that there had been a global cybersecurity incident involving unauthorised access to its platform that affected their customers globally, including those in Singapore. Based on preliminary checks, about 13,000 students in Singapore from 26 secondary schools had their devices wiped remotely by the perpetrator.”
In response to the cyberattack, the government has removed the app from all student learning devices across the country and is helping restore those that have been impacted.
BleepingComputer has contacted Mobile Guardian to learn more about the incident and its global impact, such as how many student devices in North America and Europe were impacted, but a comment wasn’t immediately available.