With Christmas just around the corner, parents everywhere have been hunting for this season’s hottest toys. One of the biggest trends for kids – as if it were any surprise – have been toys that connect to the Internet, adding fun features and a whole new dimension to play.
For all their benefits, these toys come with a host of risks that parents and even the companies themselves are just starting to wake up to. Many parents and experts are wondering whether their children’s information is being kept safe, and how vulnerable they are to malicious hackers.
One of the most severe cases came to light this month when news broke that the Hong Kong-based manufacturer VTECH had been the victim of hackers. The revelation was accompanied by a wave of widespread shock that the attackers had managed to walk away with the personal data of over six million kids.
Amit Ashbel, a Cyber Security Evangelist at Checkmarx who posted on the attack, spoke with Geektime about the hack, saying that, “The hacking was on a really basic level. The data was stolen with an SQL injection, which is very common. It could have been very easy to prevent through better security in the coding.”
“Their level of encryption was weak at best and out of date when compared to industry standards,” Ashbel explained, highlighting an issue that is unfortunately exceedingly common throughout the sector.
Read the whole article here.