Mobile Guardian data breach exposes data of Singapore schools

A data breach at Mobile Guardian, a device management application utilized by over 127 schools in Singapore, has compromised the personal information of parents and staff. Mobile Guardian, based in the UK and also has offices in the US and South Africa, provides services to manage students' personal learning devices such as iPads and Chromebooks.

The incident took place at the company’s headquarters in Surrey, UK on April 17th, 2024, and lead to unauthorized access to names and email addresses. This breach affects 5 primary and 122 secondary schools, representing about a third of all primary and secondary schools in Singapore.

The company has taken action by implementing additional security measures, locking down administrative accounts, and collaborating with IT security experts to investigate the breach and prevent future occurrences.

No details are disclosed about the number of affected individuals or the nature of the breach.

The Ministry of Education (MOE) in Singapore was promptly notified about the breach. The MOE emphasized that its own device management application was not affected by this incident.

Update - as of august 5th, the Ministry of Education (MOE) in Singapore announced the removal of the Mobile Guardian app from all students' personal learning devices following a global cybersecurity breach. This incident affected 13,000 students from 26 secondary schools in Singapore.

The breach also resulted in devices being unenrolled and wiped remotely, impacting regions including North America, Europe, and Singapore, where 13,000 students' devices were affected.