Stories
Slash Boxes
Comments

SoylentNews is people

posted by cmn32480 on Wednesday December 16 2015, @10:17AM   Printer-friendly
from the he's-all-toy'd-up dept.

An unidentified man has been arrested in England in connection with the hack of VTech, a Hong Kong toy maker:

Police in England said they arrested a 21-year-old man on Tuesday in connection with last month's breach of VTech, a Hong Kong electronic toy maker, which exposed personal data for 12 million people, including 6.4 million minors. Hackers also made off with profile photos and chat logs of millions of parents and their children.

British police said they arrested the man, who has not been identified, in Bracknell, a town 32 miles outside of London, for breaking England's Computer Misuse Act, including "unauthorized access" to a computer and data, according to a statement released by Britain's South East Regional Organized Crime Unit.

Last month, VTech said its online database store was compromised by hackers. Among the stolen data were names, email addresses, passwords, profile information, mailing addresses and download histories belonging to parents, as well as names, genders and birth dates of children. The breach was notable for the fact that children's personal information was compromised. Security experts say children are a frequent target for identity thieves because their clean credit histories can be used to apply for government benefits, open bank and credit card accounts and apply for loans.

But the hacker believed to be behind the breach told Vice's Motherboard blog that he did not intend to sell or use the data, but instead to draw publicity to VTech's weak security practices. The hacker told Motherboard that he was able to breach two databases, containing personal data for millions of parents and children, using a simple hacking technique called a SQL injection, in which hackers enter commands that prompt a database to dump its contents.

Previously: Hack of Toy Maker VTech Exposes Families


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by Hyperturtle on Wednesday December 16 2015, @11:01PM

    by Hyperturtle (2824) on Wednesday December 16 2015, @11:01PM (#277370)

    What nefarious thing did he do, besides exposing the problem? It doesn't seem like he profited from it other than benefiting the world from his actions exposing how bad "cloud" security can be. Just because he thought of the children doesn't mean you can go around screaming think of the children! lock him up because there might be nudes? of kids? MIGHT?

    Shame on vtech for what they did. Shame on them for not being able to provide free 24x7 credit monitoring to your nude child example. Shame on them for being so stupid, and shame on them for not writing that guy a reward check and offering him a job for resisting the urge to sell all that stuff a 100x over because he could.

    Instead, he went to the media. Which is probably far worse from their perspective than if he quietly sold the stuff on some black market.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 0) by Anonymous Coward on Thursday December 17 2015, @03:21AM

    by Anonymous Coward on Thursday December 17 2015, @03:21AM (#277471)
    Well, next time someone finds such vulnerabilities they'll just sell them for all they're worth. At least then if the hacker gets caught he at least made some money. That's the sort of behaviour they want to encourage it seems.