Hackers accessed approximately 4,854,209 customer (parent) accounts and 6,368,509 related children's profiles worldwide through Vtech- a high profile children's toy company. A child's profile includes their name, gender and birthdate.
According to Vtech's website "an unauthorised party accessed Vtech customer data on the Learning Lodge app store customer database and Kid Connect servers".
Learning Lodge allows people to download apps, learning games, e-books and other educational content to their Vtech products. Kid Connect allows parents using a smartphone app to chat with their children using a VTech tablet.
Vtech have now suspended access to the apps and various websites connected to them.
According to Vtech's press release, 40,244 adult profiles and 55,102 children's profiles have been affected in Ireland by the data breach. As the investigation is ongoing, Vtech have been unable to confirm whether pictures and chats between families in the Kid Connect Server have been compromised.
It brings to the fore critical questions in terms of children's safety in a digital world; have you ever carried out a risk based audit on your child's online activities?
- ensure you know what apps your child is using;
- read the data protection policy for each of the apps your child downloads;
- take down profile pictures in their gaming profiles; and
- find out who are they are chatting to online.
You have a role to play in data protection- you might be unaware that you or your child has been the victim of information technology crime.
The breach affected approximately 5 million customer accounts and children's profiles, according to VTech. The customer data is located in VTech's Learning Lodge application store, where customers download apps, e-books, and other content for VTech's products.