A British man has been arrested by United Kingdom authorities in relation to a cyberattack on VTech toys, which exposed the personal information of 6.4 million children. He is being held by law enforcement and could be charged for the data breach that broke a 1990 cybercrime law.
The 21-year-old British man was arrested in a town about half an hour outside of London. He is suspected of breaking the UK's Misuse Act of 1990.
The recent attack was on the Hong Kong-based VTech company and involved 11 million people's personal data, according to The Verge. Products of the company founded in 1976 include digital toys and mobile educational tools such as tablet computers and smartphone apps.
During the recent cyberattack, information in its Learning Lodge app store's database was hacked. This caused a security vulnerability of nearly 6.4 million children's profiles.
In addition, 5 million parents' accounts, and 464,000 parents' or children's PlanetVTech accounts were also breached, according to CNET. The parents' accounts included many types of personal information. That included names; email, IP, and snail mail addresses; and download histories.
VTech reported that the children's profiles included fewer types of data, such as names, birthdates, and genders. It has not been verified whether content such as digital photos and video chats were also stolen during the hack attack.
The motives of the hack of the toy company data are unclear. However, in an interview with Motherboard, which first reported the data breach, the hacker stated the goal was to spotlight VTech's security problems.
Law enforcement authorities in the UK, Hong Kong, and US are investigating the security breach. The hacked accounts were owned by parents and kids in the UK, US, and France.