Flaw in Facebook messaging app exposes children to strangers

In News

A flaw in a Facebook app designed for children under 13 years old allows them to chat online with people unapproved by their parents.

The messaging app is designed to give parents control over who their kids text and video chat with online, but a bug in the software lets a contact approved to chat with one child to talk to another without the approval of the second child’s parents.

In the message to parents, Facebook included links to the FAQ for the app, to the parent’s control center for the software, and to a feedback page.

The breakdown in parental control occurs when a child is part of a group chat. Any person chatting one-on-one must be approved by the child’s parents. In group chat, however, the organizer of the group may invite members who are cleared to communicate with the organizer but not cleared to talk to some other members of the group. The bug in the app allows all group members to chat with each other whether approved by a parent not.

Data collection issues about Messenger Kids arose just months after the app launched in 2018. The Parent Coalition for Student Privacy, based in Boston, filed a complaint with the U.S. Federal Trade Commission alleging Messenger Kids violated the federal Children’s Online Protection Act.

Facebook’s app collected personal information from children as young as five without obtaining verifiable parental consent, and failed to provide parents with clear and complete disclosures of Facebook’s data practices, the group maintained in its complaint.


You may also read!

e-scooters vulnerable to remote hacks

Amer Owaida, security writer at ESET discusses the risks and vulnerabilities posed by electric scooters and their related software


A10 Networks launches vThunder TPS

A10 Networks has announced it has delivered the industry’s highest-performance virtual DDoS defence solution with its software version of


Sophos unveils a new “Xstream” architecture for Sophos XG firewall

Sophos today introduced a new “Xstream” architecture for Sophos XG Firewall with high-performance Transport Layer Security (TLS) traffic decryption


Join Our Newsletter!

Love SecurityMEA? We love to tell you about our new stuff. Subscribe to newsletter!

Mobile Sliding Menu