Smart devices, including smart and connected toys can be fun for kids, but unfortunately, these new generation toys can pose serious risks too. In November 2015, leading electronic learning toy producer Vtech, announced that its systems were compromised. According to reports, about five million customers were affected, exposing customer data that included names, email addresses, encrypted passwords, secret questions and answers for password retrieval, IP addresses, mailing addresses, and download histories.
In response to some parents who expressed anger over the unavailability of the toys’ service, Vtech updated its terms and conditions, as noted by developer-blogger Troy Hunt. The update, which was released on December 24, now includes a line that reads “You acknowledge and agree that any information you send or receive during your use of the site may not be secure and may be intercepted or later acquired by unauthorized parties”. Hunt notes that the idea that such companies do not take responsibility despite building negligent software does not align with best security practices—when it should, especially if it collects data from children.
In view of Vtech’s security fiasco, companies and users are advised to be aware of the capabilities of any device or toy that can store data and connects to the internet. With the recent security incidents involving smart toys, thousands of other connected could also be vulnerable. The ongoing smartification of devices and processes pose new security challenges, making it important for consumers, as well as companies to not only apply best security practices but to consider a number of security considerations before buying smart devices.
Smart and connected toys are here to stay. Whether you like it or not, the reality is that there will be at least one security problem that you or your child would have to face. Before you fall victim to any of these security threats, here’s how you can stay ahead to protect your privacy:
Guide your kids – though kids nowadays could probably more tech-savvy than any average adult, always check and guide your kids’ online habits. Security threats are often, if not always invisible to the eye. Understanding the risks and threats that come with your device is a first good step to prevent from getting hacked. In the case of weak or questionable security, evaluate if the device really needs all the information that it asks for, and if it's necessary to provide detailed information.
Read “Terms and Conditions” carefully – this could get tricky, as seen in the Vtech incident. Make sure to read terms and conditions, updates, and notifications properly. If possible, explain it to your child and opt for the best security/privacy alternative.
Be wary of parental controls – while it is ideal to use parental controls, attackers can access and crack the very password you use to protect your data.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Ransomware Spotlight: Trigona
- Steering Clear of Security Blind Spots: What SOCs Need to Know
- Understanding the Kubernetes Security Triad: Image Scanning, Admission Controllers, and Runtime Security
- Preempting Threats to Connected Cars: The Importance of Cybersecurity in a Data-Driven Automotive Ecosystem
- Your Stolen Data for Sale