Toy Maker VTech Hacked Exposing Pictures, Data, Logs Of Over 200K Children
Toy maker VTech initially informed the public of a security breach this past Friday, right when millions of Americans were in the midst of Black Friday shopping. VTech disclosed that its customer database was compromised, exposing names, email addresses, mailing addresses, download histories and encrypted passwords for users. Even more troubling is that in addition to 4.8 million adult accounts that were affected by the breach, 200,000 children were also caught up in the mess.
Earlier this morning, VTech gave a status update, describing that the initial breach occurred on November 14. However, it wasn’t until ten days later — November 24 — that VTech noticed that its servers had been compromised. “We immediately conducted a thorough investigation, which involved a comprehensive check of the affected site and implementation of measures to defend against any further attacks,” said VTech in a statement.
The company went on to confirm that its “database also stores kids information including name, genders and birthdates.” As if it were some kind of consolation for now anxious parents, VTech says that the “database does not contain any personal identification data (such as ID card numbers, Social Security numbers or driving license numbers).”
But that’s not all. It appears the VTech has an even bigger problem on its hands because of this data breach. The hackers discovered that VTech had been storing tens of thousands of pictures of children and their parents on their servers along with about a year’s worth of chat logs (between children and parents). In total, the hackers were able to easily access nearly 200GB worth of photos from VTech’s servers.
The hacker, which has been in contact with Motherboard, provided just a small subset of the images that were found on the server along with a few sample messages that were found in the chat logs. And if that wasn’t enough, audio files containing children’s voices were also easily obtained by the hacker.
”Frankly, it makes me sick that I was able to get all this stuff,” said the hacker. ”VTech should have the book thrown at them.”
As the full scope of this hack comes to light, things aren’t looking too good for VTech. It’s one thing for adults to have their information sucked up by hackers; it seems to be an all too common occurrence these days. But when those hackers are able to easily uncover details on children, that’s when momma bear and poppa bear start taking their gloves off.