Chinese toymaker VTech hacked, private details of 4.8m parents stolen

Chinese toymaker VTech

Chinese toymaker VTech Image Credit: VTech on Twitter

Popular Chinese toymaker VTech recently revealed that it was the target of a successful data breach that took place on November 14.

According to reports, data belonging to some 4.8 million parents and over 200,000 children have been swiped. It included pivotal and private information such as names, email addresses, passwords and home addresses of parents; as well as birthdays, first names and genders of kids have been swiped as well. It does not contain credit card information, social security numbers, or driver’s license numbers, the company said.

The criminals behind the hack made their way into the user database through the company’s Learning Lodge app store, wherein games, books, music and other educational content for VTech toys can be downloaded. Hackers also accessed the customers IP addresses and download histories, according to the company.

While hackers can have a variety of motives, such attacks have resulted in customer data being sold on the Web’s black market, allowing criminals to steal goods with another person’s identity.

Hackers can use the data stolen for a range of phishing attacks created to target people through their email addresses leading them to click on links that activate malicious software which allows the hackers steal even more sensitive information.

What’s worse is that the toy maker was not aware of the security breach until the alleged hacker himself reported it to Motherboard. The hacker claims to have gained access to the database through SQL injection. From there, the attacker is said to have gained root access to the company’s web and database servers. The hacker said he has no intentions of releasing or selling the data. Sometimes hackers attack the system just to demonstrate that the networks are vulnerable and need to be made more secure.

If the numbers of exposed accounts that are reported are accurate, the VTech hack would be among the largest breaches in recent years. The toy maker responded to the breach with a statement claiming to have already fixed the relevant vulnerabilities and provided email support to the affected customers.

Earlier in August, hackers published data from more than 30 million accounts that had been set up on adultery website Ashley Madison.

The toy maker said the hacked database stored information on customers from the following countries: US, Canada, the UK, Ireland, France, Germany, Spain, Belgium, the Netherlands, Denmark, Luxembourg, Latin America, Hong Kong, China, Australia and New Zealand.

Aubrey Chang
Aubrey Chang, Associate Editor Industry Leaders Magazine (www.industryleadersmagazine.com)

Recent Posts

Ikea and Rockefeller Foundations to raise $10 billion for renewable energy projects in poor countries

Ikea and Rockefeller Foundations to raise $10 billion for renewable energy projects in poor countries

The Ikea and Rockefeller foundations are jointly launching a $10 billion fund to promote small-scale renewable power projects in developing nations. Both
5 hours ago
EC initiates another probe into Google’s adtech practices

EC initiates another probe into Google’s adtech practices

EU antitrust regulators are planning a formal investigation into Google’s digital advertising practices by the end of this year. Google is already facing unprecedented regulatory
13 hours ago
Some Microsoft employees stayed at data centers during Pandemic to keep all systems going

Some Microsoft employees stayed at data centers during Pandemic to keep all systems going

The Covid-19 pandemic ravaging the world for more than a year has forced companies and organizations to find viable solutions to keep the business going. Most found a solution in w
1 day ago
Meme stocks frenzy and 3 companies to follow

Meme stocks frenzy and 3 companies to follow

The doom and gloom about the stock market that has been predicted since the pandemic started has abated somewhat with the resilience shown by investors (helped by low-interest rate
1 day ago
US Space Force allows repurposed SpaceX rocket to launch GPS satellite

US Space Force allows repurposed SpaceX rocket to launch GPS satellite

A GPS navigation satellite built by Lockheed Martin is set to ride a reused SpaceX booster on a launch from Cape Canaveral, Florida, Thursday. It will be the first time a military
3 days ago
Disney boss says 40 pc ad revenue went to streaming sites, no plans of ad supported Disney+

Disney boss says 40 pc ad revenue went to streaming sites, no plans of ad supported Disney+

Walt Disney CEO Bob Chapel says the company’s advertising revenue for the upcoming fall television season was strong and went up by “double-digits” compared to 2019.
5 days ago