Jump to content

ALERT: Scouters who let kids sell popcorn with Trails End app may be targets


Recommended Posts

BSA is now discovering what happens when you ignore obvious cyber security risks (like pushing kids to download 3rd party commercial apps to manage popcorn sales).

Trails End got hacked and the media is reporting that exposed data includes personally identifiable info like kids' birthdays, full legal names, names of parents, addresses and more. The extent of the data breach has not yet been made public.

If you are one of the scouters who let their kids use the popcorn sales app, keep an eye open for signs of identity theft, etc.  No need to become a victim twice if you can avoid it...

Good luck!

See story:
https://www.databreaches.net/undisclosed-number-of-boy-scouts-and-their-parents-had-their-information-exposed-by-trails-end/

https://www.charlotteagenda.com/178386/boy-scouts-affiliate-data-breach-exposed-kids-and-parents-personal-information/ 

 

  • Sad 1
Link to post
Share on other sites
28 minutes ago, mrkstvns said:

Trails End got hacked

Your link doesn't say that. Having data potentially exposed is not the same as hacked. There was no mention of any malicious attempt which would suggest hacking.

28 minutes ago, mrkstvns said:

and the media is reporting that exposed data includes personally identifiable info like kids' birthdays, full legal names, names of parents, addresses and more. The extent of the data breach has not yet been made public.

I think exposing the DOB, email, and phone number might be of biggest concern. Per your link, this vulnerability was through the sharing portion of the sales app. In other words, one became vulnerable when one posted their sale online. It is fair to assume that when I did that for my daughter, my name and her name were already shared.

28 minutes ago, mrkstvns said:

If you are one of the scouters who let their kids use the popcorn sales app, keep an eye open for signs of identity theft, etc.  No need to become a victim twice if you can avoid it...

Phishing attempts (again, per your link) via email and or phone calls would be of the greatest concern - attempts to get MORE information that could then lead to identity theft. I don't think one can do much scamming with just someone's DOB and full name. 'Could be wrong.

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...