VTech ‘cannot confirm’ if kids’ chat logs and photos were compromised by security breach

On November 14, there was a security breach in electronics manufacturer VTech’s Learning Lodge app store database. The Hong Kong company, known for its vast selection of educational toys and cordless phones, learned of the unauthorized access 10 days later. It was alerted by “an email from a Canadian journalist asking about the incident.”

The Learning Lodge storefront provides downloads, games, e-books and other educational content for customers.

Related: John McAfee: As it hits the mainstram the dark web makes hacking easier

The database contains profile information such as names, email addresses, passwords, mailing addresses, and download history. Vtech maintains that it does not process or store credit card information on the Learning Lodge site. Customers who make purchases are directed to a secure third-party site to complete their transactions.

Customer data from countries throughout the globe was compromised, including information from Europe, North America and Asia. In the latest press release, VTech states that nearly five million customer (parent) accounts and over six million kid profiles were affected by the breach.

The company defends itself by saying that this was “a criminal act and a well-planned attack” and it also mentions the involvement of a “skilled hacker.”

The company was not able to confirm whether or not the hacker(s) were able to access photo, chat logs, or audio files of children and their parents, particularly through the Kid Connect app.

Vtech reports that it has conducted a “thorough investigation” and will take steps to prevent a similar attack in the future. It recently announced that it is retaining the services of FireEye’s Mandiant Incident Response, described as “one of the world’s leading cyber forensics teams,” to assist in this endeavor. Vtech’s methods of data collection will be subjected to particular scrutiny.

The company also took down the Learning Lodge site, and it is still nonfunctional as of this writing.

“We are deeply shocked by this orchestrated and sophisticated attack on our network. We regret that users of Learning Lodge, Kid Connect and PlanetVTech, some of whom are colleagues, friends and families, are also affected,” said CEO Alan Wong.

via Digital Trends http://bit.ly/1O9KUho

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s