The affected database doesn’t contain any credit card numbers, or personally identification information such as Social Security or driver’s license numbers, VTech says.
Advertisement
Who was affected? The data breach exposed 5 million Vtech customer accounts from around the globe – the United States included.
There remains no evidence the hacker in the breach is seeking to profit from the data or cause harm to those affected.
The hack occurred on November 14, according to the Times.
Hunt believes that users should not expect that VTech has shored up the breach yet.
What information was exposed in the hack?
With hackers having gained unauthorized access to VTech customer information stored on the Learning Lodge app store, the company had earlier revealed that the customer data breached by hackers included almost 4.8 million customer names, email addresses, passwords, IP addresses, mailing addresses, and download history. VTech’s customer index does not contain credit card information. “When it’s hundreds of thousands of children including their names, genders and birthdates, that’s off the charts”, security analyst Troy Hunt wrote in a blog post. Information on parents was also compromised, with that including IP/email/mailing addresses, names, and more. Hunt also added that the passwords exposed are not encrypted. If you have questions about the hack, email [email protected].
Advertisement
While the hack was damaging enough for the company, Vice reported that other forms of sensitive data was also left on VTech’s servers, including the photos of many children using the company’s products and the chat logs between children and their parents. Its Learning Lodge app store is an online service which connects customers to numerous company’s products – including learning games, e-books, apps, and other educational content – and enables them to download those products. “People unwittingly trusting their personal information in a company that wasn’t equipped to handle it”.
