Singapore’s Ministry of Education has found that 13,000 students in the country had their data remotely wiped following a cyber-attack on Mobile Guardian, a UK-based device management software provider.
Several Singaporean schools alerted the ministry on August 4 that some students who use iPads or Chromebooks as personal learning devices were unable to access their applications and information stored in their devices.
Upon investigation, the government detected that the security incident came from unauthorized access to Mobile Guardian, an application widely used in the country’s schools since 2020 that offers device management, classroom management, web filtering for students and parental controls.
“Based on preliminary checks, about 13,000 students in Singapore from 26 secondary schools had their devices wiped remotely by the perpetrator,” Singapore’s Ministry of Education wrote in a security advisory.
The government contacted Mobile Guardian, which issued its own security advisory.
In this post, the software vendor acknowledges that it had experienced “a security incident that resulted in a small percentage of devices to be unenrolled from [its platform] and their devices wiped remotely.”
This attack affected users globally, including in North America, Europe and Singapore.
“There is no evidence to suggest that the perpetrator had access to users’ data,” added the vendor.
Mitigation Measures
Mobile Guardian has halted its services to prevent further unauthorized access, meaning that users are not currently able to log in to the Mobile Guardian platform, and students will experience restricted access on their devices.
Singapore’s government said it will remove the Mobile Guardian app from all iPads and Chromebooks and is considering additional mitigation measures.
It is also working on safely restoring wiped devices to normal usage.
Mobile Guardian invited students experiencing issues with their device to contact their customer support service at support@mobileguardian.com.
The vendor and Singapore’s government said the incident was not related to a technical issue that occurred on July 30 and affected Mobile Guardian iPads in Singapore. This earlier incident was due to a human configuration error.