Online security analysts believe that the recent hack on connected toy manufacturer VTech simply proves that devices given to children lack security protocols. Simple connected toys for children offer far simple security measures compared to a decent smartphone. The hack also reveals that toy manufacturers like VTech do not provide substantial security measures for their products.
According to Motherboard, the VTech hack leaked information connected to more than 6.4 million children and about 5 million adults. Majority of the victims are based in the United States. The leaked data included passwords, certain personal information and chat conversations between parents and their children.
The recent hack on VTech has opened up the debate whether it is safe to give children connected toys now that it was revealed that such devices are also prone to hacking. Security experts also offered a simple advice to parents stating that they should consider giving their children more secure devices, like a smartphone, and avoid connected toys.
Pen Test Partners' Ken Munro told Forbes, "I recommend that instead of buying custom devices that are supposedly 'child friendly', spend a similar amount of cash on a second-hand iPhone. Even older devices support the latest iOS 9, which is really quite secure, and certainly when compared to the VTech devices and services they use."
Researchers found out that VTech is employing an insecure method of keeping its customers' records. Experts reveal that VTech's computer system does not support SSL web encryption which is a well-accepted protocol in protecting user data. Moreover, the company's Android app which is used by parents to converse to their children through their toys are also susceptible to hacking.