Vtech’s Learning Lodge is a gateway for children and adults to download a variety of content including games and e-books onto their devices, such as first computers and tablets.
Advertisement
VTech, a maker of kids’ toys like the Kidizoom Smartwatch and InnoTab tablets, was hacked on November 14. “Our customer database contains user profile information, including name, email address, password, secret question and answer for password retrieval, IP address, mailing address and download history”, VTech officials said in a statement.
Vtech have not provided any information on why these photos and also the chats were actually stored on their servers, we suspect there are going to be a lot of unhappy parents.
“Frankly, it makes me sick that I was able to get all this stuff”, the hacker allegedly said. If someone did have malicious intentions, it wouldn’t be hard for them to access a treasure trove of personal information on VTech’s customers.
Troy Hunt, a Microsoft MVP for developer security and founder of breach notification website Have I Been Pwned, who helped Motherboard to confirm the breach, said the attack pushes the number of accounts in his database past the quarter-billion mark.
In the statement, VTech asserted that their customer database doesn’t include credit card information, nor does it store “personal identification data… such as ID card numbers, Social Security numbers or driving license numbers”.
The leak contained the identities and addresses of the families affected by the hack, according to Vice Motherboard, which broke the story. They’re entrusted with the data and they lost it. It is really that simple.
Officials in Hong Kong said there is not yet “sufficient information” to say whether children had specifically been targeted in the VTech hack.
Motherboard said it spoke to a hacker who claimed to be behind the attack and said he planned to do “nothing” with the data. “Clearly manufacturers should be taking greater care over data security and privacy, but parents should also be more careful with their children’s personal information”, he explained in an email to FoxNews.com.
The company says emails have been sent to all account holders informing them of the data breach.
Vtech said it has taken steps to prevent further attacks but did not elaborate. He suggested that those wishing to know if they were impacted by the VTech breach can do so by searching for their email address at HaveIBeenPwned.com, an online resource that tracks the accounts exposed in many recent high-profile data breaches. Once it confirmed the hack, Vtech said it began informing customers on 27 November.
Advertisement
Mic has reached out to VTech for comment, and will update if we hear back.
