View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
November 30, 2015

5m records breached as cyber attack hits toymaker Vtech

News: Hack raises child safety fears.

By Charlotte Henry

Children’s toymaker VTech has had its app store database breached, potentially exposing the personal data of 4.8 million adults, and over 200,000 children, in one of the biggest breaches in consumer history.

The firm has confirmed that the breach, originally reported by Vice’s Motherboard tech website, occurred on November 14th. The hacker claiming responsibility passed some personal files onto Motherboard.

In a statement to the website, VTech said: "On November 14 [Hong Kong Time] an unauthorised party accessed VTech customer data on our Learning Lodge app store customer database. We were not aware of this unauthorised access until you alerted us."

The company has since written to customers, saying: "Upon discovering the unauthorised access we immediately conducted a thorough investigation, which involved a comprehensive check of the affected site and implementation of measures to defend against further attacks."

It also says that the customer database does not contain any credit card or banking information. The fear is that the data could result in links being made between parents details and their children’s names, potentially revealing the full name and address of children.

Security expert Troy Hunt, who analysed some of the breach records, said that the records were hashed with the MD5 algorithm, not considered particularly robust, and secret questions used for password or account recovery were stored just in plaintext.

Another expert, Professor Alan Woodward, told the BBC that he thought the attack looked like it had been conducted via SQL injection.

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.