A Chinese educational toy company with revenues of over US$2 billion has suffered a data breach where the personal information of five million customers, both parents and children, were stolen. The theft also included 200,000 records related to the customers’ children, including their “first names, genders and birthdays, “according to Motherboard, the website that first reported the data breach”. The company also “temporarily suspended” its Learning Lodge store, which offers apps, music, ebooks, and games for children.
Advertisement
A November 14 hack of the Learning Lodge database exposed names, email addresses, passwords, home addresses, and download histories of 4.8 million adults who purchased products online.
VTech says the hack did not access users’ credit card information or their more sensitive personal information, like Social Security numbers. “To complete the payment or check-out process of any downloads made on the Learning Lodge website, our customers are directed to a secure, third party payment gateway”, the company says.
“In addition, our customer database does not contain any personal identification data”. It serves as a reminder to parents to be careful about the information – especially information about their children – they share and include in Internet-connected devices.
KID FRIENDLY TECHNOLOGY COMPANY VTech is entering the holiday season on perhaps one of two naughty lists after admitting that it has been the victim of a security breach that might have exposed some customer data.
Louise Bulman, VP EMEA at Vormetric commented: “VTech has joined the increasingly long line of organisations facing a rather bleak end to 2015, as it becomes the latest to suffer a high-profile data breach”.
On Monday, attorney generals for both CT and IL separately said that they will be investigating the breach, but did not clarify if they were cooperating with other states, according to a Reuters report.
Advertisement
The site said it had spoken to a hacker who claimed to be behind the attack, who said he planned to do “nothing” with the data. After receiving the email, Vtech said it “carried out an internal investigation and detected some irregular activity” on the Learning Lodge site. VTech did not say whether access to monitoring services would be provided to affected consumers.
