Five million customers affected by Vtech database hack

Vtech has also suspended 13 websites following the hacking of its Learning Lodge app database.

Electronic toy and educational material seller Vtech has confirmed that about five million customers were affected in the data theft reported on Friday.

They are from all over the world, including the US, UK, France and China.
Vtech has also suspended 13 websites following the hacking of its Learning Lodge app database.
The hacked database included a lot of customer data, including some details about children, and the company was told about the breach by a journalist.
It did not contain any credit card information, Vtech said, but it did store the “name, email address, encrypted password, secret question and answer for password retrieval, IP address, mailing address and download history” of customers.
Professor Alan Woodward, cybersecurity expert at Surrey University, said it looked like the firm may have been subjected to a simple hacking technique known as an SQL injection.
“These breaches are endemic and we have to stop. If that means focusing the minds of these companies through big fines then so be it. It needs to be taken seriously and those responsible held to account,” he told the BBC.
Another expert, Troy Hunt, also expressed concerns.
“When it’s hundreds of thousands of children including their names, genders and birthdates, that’s off the charts,” he wrote.
“When it includes their parents as well – along with their home address – and you can link the two and emphatically say ‘Here is nine-year-old Mary, I know where she lives and I have other personally identifiable information about her parents (including their password and security question)’, I start to run out of superlatives to even describe how bad that is.”
Source: http://www.bbc.co.uk

Facebooktwittergoogle_plusredditlinkedinmail