VTech hack impacts 5 million people; kids’ photos, chat logs viewed by hacker

This is an archived article and the information in the article may be outdated. Please look at the time stamp on the story to see when it was last updated.

Now the hackers are going after kids.

Educational toymaker VTech, which sells tablets, baby monitors and educational software, said Monday that the personal information of five million people — customers and their kids — has been compromised.

The company said the security breach hit its Learning Lodge online store, where customers can download apps, ebooks and games. User profile information includes names, email addresses, passwords, secret questions and answers for password retrieval, IP addresses, mailing addresses and download history.

The hack also exposed information about kids, including names, genders and birthdates.

According to a report from Vice, the toymaker also left thousands of photos of parents and kids and chat logs stored online in a way that was “easily accessible to hackers.”

The data is from the company’s Kid Connect service that allows parents to use a smartphone app to chat with kids using a VTech tablet. A hacker who spoke to Vice said he was able to download 190GB worth of photos.

VTech said that no credit card information was compromised, and that the database doesn’t contain social security numbers or drivers licenses.

“Due to a breach of security on our Learning Lodge website, we have temporarily suspended the site,” said a message on the Learning Lodge site Monday.

The company added that it has taken measures “to defend against further attacks.”

Troy Hunt, a blogger, said that he discovered the hack and reported it to VTech.

“I suspect we’re all getting a bit too conditioned to data breaches lately,” he wrote at troyhunt.com. “Unless it’s our children’s identities, that’s a whole new level. When it’s hundreds of thousands of children’s names, genders and birthdates, that’s off the charts.”

The hack includes customers in the USA, Canada, United Kingdom, Republic of Ireland, France, Germany, Spain, Belgium, the Netherlands, Denmark, Luxembourg, Latin America, Hong Kong, China, Australia and New Zealand.

Hacker obtained childrens' headshots and chatlogs from toymaker VTech: https://t.co/Q8f5P0b0ho pic.twitter.com/jPKcppBRAP— Motherboard (@motherboard) November 30, 2015

//platform.twitter.com/widgets.js

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

1 Comment

  • Mac Woods

    That’s impressive. One hacker “viewed” the profiles of five million people? He clearly has excessive time on his hands. If (as this sensational headline seems to imply) these profiles were indeed compromised and viewed by a single hacker, he’d need to “view” one profile per second for nearly two months; in order to see all of them. He or she is clearly an astounding genius of exceptional magnitude. Or more realistically, once hacked, he downloaded them, and sold the information to interested third parties?