{"id":29347,"date":"2019-09-27T10:20:07","date_gmt":"2019-09-27T10:20:07","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\/"},"modified":"2019-09-27T10:20:07","modified_gmt":"2019-09-27T10:20:07","slug":"pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\/","title":{"rendered":"Pupil mental health monitor promises app rewrite after hardcoded login creds discovered"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/regmedia.co.uk\/2017\/05\/03\/petulant-child.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p><strong class=\"trailer\">Exclusive<\/strong> A Brit biz whose mobile apps monitor the mental state of 35,000 British schoolchildren is having to rewrite them after researchers found hardcoded login credentials within.<\/p>\n<p>&#8220;Tracking steering biases is a pioneering technique developed by STEER using AI to identify patterns of bias linked to mental health risks in 10,000 test students,&#8221; burbles the company&#8217;s website.<\/p>\n<p>Steer, a trading name of Mind.World Ltd, claims to have 150 subscribing schools. Included within the customer list on its website are British public schools such as Charterhouse, Fettes College, Oundle School and Wellington College.<\/p>\n<p>Children enrolled in one of Steer&#8217;s apps are labelled as red, amber or green depending on how it grades their mental health in response to questionnaires they fill out.<\/p>\n<p>Its flagship tech, deployed under the brands AS Tracking and CAS Tracking, are sold to schools as a way of monitoring their pupils&#8217; wellbeing and allowing teachers to stage interventions.<\/p>\n<p>&#8220;Since we began running AS Tracking we got a 20 per cent decrease in self harm at the college,&#8221; a teacher <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/news.sky.com\/story\/artificial-intelligence-being-used-in-schools-to-detect-self-harm-and-bullying-11815865\">told<\/a> Sky News on Monday, for a video feature extolling the firm&#8217;s virtues.<\/p>\n<p>The <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/steer.global\/en\/prices\/secondaryschool-y7-13\">company offers to let schools<\/a> &#8220;track, signpost and support every pupil&#8221; through its apps, database functionality and analytics, boasting that by licensing each child for \u00a318.75, schools can &#8220;benchmark&#8221; themselves &#8220;nationally&#8221;.<\/p>\n<p>Yet versions of the apps developed for pupils and teachers alike contain hardcoded login credentials \u2013 posing a security risk to the most sensitive mental health data and information of the most vulnerable children.<\/p>\n<h3 class=\"crosshead\"><span>Keys to the kids&#8217; castle<\/span><\/h3>\n<p>Privacy advocate and internet troublemaker Gareth Llewellyn discovered the login credentials. Embedded within the Android version of AS Tracking were what appeared to be username and password pairs:<\/p>\n<pre>\npublic static String AUTH_PASSWORD = \"y2-@qtYg&gt;*xFMQ)g\";\npublic static String AUTH_USERNAME = \"usteer\"; public static final String API_BASIC_AUTH_PASSWORD = \"Shi$i7eth7ae\";\npublic static final String API_BASIC_AUTH_USERNAME = \"Testing\";\n<\/pre>\n<p>Once <em>The Register<\/em> persuaded Steer to take our concerns seriously, the company responded by promising to rewrite its apps to remove the hardcoded credentials and improve its general security. It said that the testing account was not used in practice and claimed that the &#8220;usteer&#8221; credential pair was a &#8220;legacy&#8221; login which has now been disabled.<\/p>\n<p>The firm told us:<\/p>\n<p>Steer concluded: &#8220;We have removed the credential information flagged by <em>The Register<\/em> and are applying additional security measures as a precaution.&#8221;<\/p>\n<h3 class=\"crosshead\"><span>The good, the bad and the ugly<\/span><\/h3>\n<p>Duncan Brown, chief security strategist at web filtering biz Forcepoint, took a nuanced view of what happened here. He told <em>The Reg<\/em>: &#8220;The app developers are aiming to mitigate against the negative impact mental health issues can cause, and we should not shy away from using technology to assist people in understanding behavioural patterns.<\/p>\n<p>&#8220;However, the security needs to be as robust as the science, particularly when dealing with such sensitive information held on minors. We should not avoid initiatives such as these simply to avoid potential privacy issues but privacy and security must be hardwired in: it&#8217;s extraordinary that in 2019 developers are still hardcoding passwords.&#8221;<\/p>\n<p>Getting in a sneaky mention of his firm&#8217;s current product lineup, which depends on analytics and analysis, Brown opined: &#8220;As usage of behavioural analytics grows, we as an industry need to improve governance, clearly lay out the purpose of any data collection \u2013 and of course ensure that any personal data collected remains completely secure.&#8221;<\/p>\n<p>Hardcoded credentials have caught out many a developer and company before. A smart home company called Zipato <a target=\"_blank\" href=\"https:\/\/www.theregister.co.uk\/2019\/07\/03\/zipato_hardcoded_key\/\" rel=\"noopener noreferrer\">hardcoded the same private SSH key into all of its hubs<\/a>, forcing the company to update all the devices and scrap the SSH tunnel. Similarly, Juniper Networks <a target=\"_blank\" href=\"https:\/\/www.theregister.co.uk\/2019\/04\/11\/juniper_hardcoded_credentials\/\" rel=\"noopener noreferrer\">hardcoded login credentials into some of its data centre switches<\/a>, a blunder discovered earlier this year.<\/p>\n<p>Never one to be outdone in security snafus, Cisco admitted last year that it had not only left an undocumented root account in its video surveillance management software product, but <a target=\"_blank\" href=\"https:\/\/www.theregister.co.uk\/2018\/09\/25\/cisco_hardcoded_credentials\/\" rel=\"noopener noreferrer\">that account also had hardcoded credentials<\/a>.<\/p>\n<p>The prevalence of these cockups doesn&#8217;t clear these companies of wrongdoing. In the 21st century nothing should be deployed publicly with hardcoded creds. \u00ae<\/p>\n<p class=\"wptl btm\"><span>Sponsored:<\/span> <a href=\"https:\/\/go.theregister.co.uk\/tl\/1858\/-7802\/technical-overview-exasol-peek-under-the-hood?td=wptl1858\">Technical Overview: Exasol Peek Under the Hood<\/a><\/p>\n<p>READ MORE <a href=\"http:\/\/go.theregister.com\/feed\/www.theregister.co.uk\/2019\/09\/27\/pupil_mental_health_tracking_app_security_fears\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>You Steer-ed into some potential trouble there Exclusive\u00a0 A Brit biz whose mobile apps monitor the mental state of 35,000 British schoolchildren is having to rewrite them after researchers found hardcoded login credentials within.\u2026  READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":29348,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-29347","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Pupil mental health monitor promises app rewrite after hardcoded login creds discovered 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Pupil mental health monitor promises app rewrite after hardcoded login creds discovered 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2019-09-27T10:20:07+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/09\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"648\" \/>\n\t<meta property=\"og:image:height\" content=\"348\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Pupil mental health monitor promises app rewrite after hardcoded login creds discovered\",\"datePublished\":\"2019-09-27T10:20:07+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\\\/\"},\"wordCount\":675,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/09\\\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered.jpg\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\\\/\",\"name\":\"Pupil mental health monitor promises app rewrite after hardcoded login creds discovered 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/09\\\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered.jpg\",\"datePublished\":\"2019-09-27T10:20:07+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/09\\\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/09\\\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered.jpg\",\"width\":648,\"height\":348},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Pupil mental health monitor promises app rewrite after hardcoded login creds discovered\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Pupil mental health monitor promises app rewrite after hardcoded login creds discovered 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\/","og_locale":"en_US","og_type":"article","og_title":"Pupil mental health monitor promises app rewrite after hardcoded login creds discovered 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2019-09-27T10:20:07+00:00","og_image":[{"width":648,"height":348,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/09\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Pupil mental health monitor promises app rewrite after hardcoded login creds discovered","datePublished":"2019-09-27T10:20:07+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\/"},"wordCount":675,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/09\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered.jpg","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\/","url":"https:\/\/www.threatshub.org\/blog\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\/","name":"Pupil mental health monitor promises app rewrite after hardcoded login creds discovered 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/09\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered.jpg","datePublished":"2019-09-27T10:20:07+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/09\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/09\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered.jpg","width":648,"height":348},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/pupil-mental-health-monitor-promises-app-rewrite-after-hardcoded-login-creds-discovered\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Pupil mental health monitor promises app rewrite after hardcoded login creds discovered"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/29347","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=29347"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/29347\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/29348"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=29347"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=29347"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=29347"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}