It’s not just Barbie that’s a victim of hackers. It has now come to light that toymaker VTech has had their toys hacked as well with catastrophic results. Here’s what Motherboard had to say on this:
The hacked data includes names, email addresses, passwords, and home addresses of 4,833,678 parents who have bought products sold by VTech, which has almost $2 billion in revenue. The dump also includes the first names, genders and birthdays of more than 200,000 kids.
What’s worse, it’s possible to link the children to their parents, exposing the kids’ full identities and where they live, according to an expert who reviewed the breach for Motherboard.
Yikes! That’s not good. Information on nearly 5 million parents and more than 200,000 kids being swiped is not something that can be ignored. VTech clearly has a lot of explaining to do. And they need to do it quickly as there are a lot of parents who are going to be pretty upset upon reading this.
UPDATE: This hack just got worse. The hackers also have hundreds of gigabytes worth of pictures and chat logs belonging to children. ZDNet reports:
“Tens of thousands of pictures — many blank or duplicates — were thought to have been taken from from Kid Connect, an app that allows parents to use a smartphone app to talk to their children through a VTech tablet. Motherboard was able to verify a portion of the images, and the chat logs, which date as far back as late-2014. Details about the intrusion are not fully known yet. The hacker, who for now remains nameless, told Motherboard that the Hong Kong-based company ‘left other sensitive data exposed on its servers.'”
VTech Settles With FTC To Make It’s Problems With Insecure Toys Go Away
Posted in Commentary with tags VTech on January 9, 2018 by itnerdYou might recall that VTech got caught on multiple fronts selling toys that leaked all sorts of personal info and were generally insecure. Well, the company has settled the biggest of those issues. VTech settled with the US Federal Trade Commission following a data breach that exposed the data of 6.5 million customers. The company has to pay up a paltry $650K fine. But is also permanently forbidden from violating The US Children’s Online Privacy Protection Act and from misrepresenting its security and privacy practices, and will be subject to independent audits for 20 years.
Now I personally would have liked to see a much stiffer fine. Plus I would like to have seen more oversight as well as I think VTech came out ahead on this one. But any sort of punishment is better than none I suppose.
Leave a comment »