Share

Children Exposed In VTech Hack

Compromised information in the VTech breach includes the names, birthdates and genders of child users.

Advertisement

VTech, was hacked via the company’s app store database, Learning Lodge, on November 14.

It’s infuriating to me to think that my children’s personal information has been hacked because of the information that Vtech requires you to fill out before you can download books and games on its online app store. It involved customer data stored on the company’s Learning Lodge app store database. The hacker, who has been in contact with Motherboard, claimed that VTech left a lot of sensitive data exposed on its servers, including kids’ profile photos and chat logs between children and parents.

As if it were some kind of consolation for now anxious parents, VTech says that the “database does not contain any personal identification data (such as ID card numbers, Social Security numbers or driving license numbers)”.

On Monday, VTech suspended 13 of its websites and said the affected customers were notified. This particular data breach also carried with it information that are related to children. “Customers affected should be suspicious of any emails or even phone calls that relate to the breach, no matter how plausible, and should not give away more personal information”, said Moor.

The alarming breach, apparently perpetrated by a white hat hacker on a mission to reveal cracks in VTech’s security protocols, was first uncovered by Motherboard. “We are committed to protecting our customer information and their privacy, to ensure against any such incidents in the future”, said VTech in a statement.

Professor Alan Woodward, cybersecurity expert at Surrey University, said it looked like the Hong Kong-based firm may have been subjected to a simple hacking technique known as an SQL injection. Any payments were sent through a “secure, third party payment gateway”, it said.

Customers from the USA and 15 other countries are affected.

Advertisement

Troy Hunt, the security researcher who verified the attack as part of Motherboard’s investigation, also made some worrisome observations about the state of VTech’s web security in general.

VTech Cyberattack Exposes Data of 200000 Kids and 5 Million Parents