SoylentNews is people
SoylentNews
from the won't-someone-think-of-the-children dept.
VTech, a Chinese company that makes popular electronic toys for kids, had its app store hacked.
An "unauthorized party" accessed customer information in a database for VTech's Learning Lodge app store on November 14, the company said in a statement Friday. The app store lets parents download apps, games, e-books and educational content to VTech toys.
The database contains customer data including name, email address, password, IP address, mailing address and download history. It does not contain credit card information, the company said.
VTech has not said how many customers were affected, but Motherboard, which first reported the hack, said information on nearly 5 million parents and more than 200,000 kids was exposed. The hacked data included kids' first name, gender and birthday, according to Motherboard.
[...] Motherboard was notified of the breach by an unidentified hacker who claimed responsibility. The hacker said he intends to do "nothing" with the data, according to Motherboard. Hackers sometimes break into systems simply to demonstrate that the networks are vulnerable and need to be made more secure.
If the number of exposed accounts reported by Motherboard is accurate, the VTech hack would be among the largest breaches in recent years. In August, hackers published data from more than 30 million accounts that had been set up on adultery website Ashley Madison. The personal information of an estimated 110 million Target customers was stolen in 2013 by malware installed on the retailer's point-of-sale terminals.
(Score: 2) by aristarchus on Monday November 30 2015, @05:20AM
Just posting so that this article has at least one comment. Seems unfair to have an article that gets no comments. But then, maybe that is because it is only about a technical issue like data security, and not about sex-bots, abortions, or sensoring The Mighty Buzzard. And no, that is not a typo and for the record I am against it. No sensors on the M. Buzz. Expecially no live-feed video. But Unless, and Until, SoylentNews can get itself out of a funk about what kind of articles are posted, I predict more of the same of less. I don't want it, I just see it.
And what the hell was a toy company doing with 5.2 million users data? Barbie. what is your opinion on this! "I'm made of Plastic, and it's fantastic, Bob." Over to you, Chuck Todd.
(Score: 0) by Anonymous Coward on Monday November 30 2015, @10:24PM
Well.. as far as online security is concerned, I have learned it is like calling people fat.
Calling the disease for what it is doesn't seem to get people to start caring about the harm it does to themselves.
(Score: 0) by Anonymous Coward on Monday November 30 2015, @06:15AM
(Score: 3, Informative) by Popeidol on Monday November 30 2015, @11:55AM
The hacker (Who apparently contacted Motherboard directly) says it was SQL injection leading directly to root access of the web/DB servers, which is pretty vague. Motherboard hit up Troy Hunt to see whether the breach was legitimate due to his experience in the area, and he was able to confirm it's legitimacy. He's got an interesting write up about the whole thing here. [troyhunt.com] The summary: He found a whole bunch of issues and notified vtech, but they go far beyond sanitizing data from web forms. He recommends taking the whole site offline until some fundamental issues are fixed.
What he mentions in the article is ugly enough, the part he's withholding pending a fix must be horrific.
(Score: 0) by Anonymous Coward on Monday November 30 2015, @10:51AM
Don't worry, pedophiles are already on the job!