UStrive Security Lapse Exposed Personal Data of its Users, Including Children

UStrive Security Lapse Exposed Personal Data of its Users, Including Children

UStrive Data Leak Exposed Kids’ Personal Info—Here’s What Happened A serious security flaw on mentoring platform UStrive left the personal information of hundreds of thousands of students—including children—exposed to any logged-in user. The breach, now resolved, revealed full names, email addresses, phone numbers, gender, and even dates of birth through a vulnerable backend interface. Parents, educators, and privacy advocates are raising alarms after learning that sensitive data from a nonprofit serving over 1.1 million students was accessible without proper authorization. Credit: Javier Zayas Photography / Getty Images The incident underscores growing concerns about data protection in youth-focused edtech platforms—and whether organizations handling minors’ information are doing enough to secure it. How the UStrive Data Leak Was Discovered The vulnerability came to light last week when an anonymous source tipped off TechCrunch about unusual data exposure on UStrive’s website. By simply u…