The Hong Kong-based company noted that “an unauthorized party” accessed VTech customer data on the Learning Lodge app store database November 14.
Advertisement
As if it were some kind of consolation for now anxious parents, VTech says that the “database does not contain any personal identification data (such as ID card numbers, Social Security numbers or driving license numbers)”.
It’s a parent’s worst nightmare: Photos of their kids’ smiling faces stolen by a stranger online, along with identifying information including their names, genders, birth dates, mailing addresses and the contents of their private chats.
That is in addition to records for 4.9 million adult customers VTech had previously said were affected.
VTech says hackers may have stolen millions of their customers personal information.
The information includes parent names, home addresses, email addresses and passwords. Many users tend to reuse passwords on multiple sites, so VTech customers would be wise to change their login credentials immediately.
VTech said it first learned of the breach on November 24, ten days after the hacker appeared to have gotten access.
While customers’ credit card data was not compromised, the identifying information of some 200,000 children was also exposed.
KID FRIENDLY TECHNOLOGY COMPANY VTech is entering the holiday season on perhaps one of two naughty lists after admitting that it has been the victim of a security breach that might have exposed some customer data. “It was pretty easy to dump, so someone with darker motives could easily get it”, the hacker told Motherboard in an encrypted chat. A hacker who spoke to Vice said he was able to download 190GB worth of photos.
VTech has reached out to every account holder in the database, via email, to alert them of the breach and the potential exposure of their account data.
The news of this hack could make parents think twice about how chip-embedded toys could put the identifies of their children at risk. A security assessment of the hack by independent security expert Troy Hunt revealed lapses in the security systems of the company.
Advertisement
VTech said Friday that it “conducted a thorough investigation”. The information was taken in an attack on a portal used to download games to computer tablets.
