Skip to main content

VTech waves off security responsiblity after major 2015 breach

vtech disclaimer of responsibility for data breach losses tablet app android inno tab max
Image used with permission by copyright holder
In late 2015, children’s toy manufacturer VTech hit the headlines after a major security breach caused personal data from some five million users to become compromised. Now, the company has taken steps to wash its hands of responsibility for any similar event that might take place in the future.

VTech has relaunched its online app store, the Learning Lodge, which was the target of the attack two months ago. However, a change to the terms and conditions associated with the service seems to be more concerned with covering the company’s back than with defending the personal data of its customers, according to a report from Tech Spot.

Littered with such phrases as “at your own risk” and “full responsibility,” the gist of the document is that VTech will not be held accountable for losses arising from any future breach. The terms explicitly state that VTech will not be liable for “damages of any kind” should such a situation arise.

Understandably, this has caused some unrest among both consumers and security analysts. It’s disappointing that a company selling products used by children would take such a hands-off approach to protecting information keyed into those devices, and it certainly sets a poor precedent going forward.

It would be convenient for many organizations to claim no responsibility for personal data being leaked or their systems otherwise being breached. However, for services like Learning Lodge, which is a significant money-spinner, there has to be some sense of responsibility attached to offering it up to widespread use.

There are calls for a boycott of VTech’s products in response to these updated terms and conditions, and that could well be exactly the sort of response that’s necessary to force an appropriate reaction. In the grander scheme of things, a situation like this raises yet more questions about the data we entrust to major corporations on a regular basis.

Editors' Recommendations

Brad Jones
Former Digital Trends Contributor
Brad is an English-born writer currently splitting his time between Edinburgh and Pennsylvania. You can find him on Twitter…
Microsoft reveals a security breach of an internal customer support database
Microsoft Surface Go Hands-on

Microsoft announced today that an internal customer support database experienced a security breach in December 2019.

The technology company’s announcement came via a blog post published on Wednesday, January 22 on the Microsoft Security Response Center blog. According to the post, the breach occurred on December 5, 2019 and involved the “misconfiguration of an internal customer support database used for Microsoft support case analytics.” Essentially, the breach occurred when a change was made to the database’s network security group. This change carried with it “misconfigured security rules” which then caused the exposure of customer data. And according to ZDNet, the servers affected by the breach “contained roughly 250 million entries, with information such as email addresses, IP addresses, and support case details.”

Read more
Amazon Memorial Day sale: $210 off Arlo Pro wireless security camera kit
Arlo camera installed outside.

Previous

Next

Read more
Can new laws protect you from smart home security breaches?
smart home security breach protection oregon california 29723649810 7bc6eb78a7 k

As internet-connected devices are getting more and more popular, lawmakers are looking at new ways to help protect consumers -- and ensure their data isn't being put at risk by the companies that hold it.

At the federal level, there have been a number of attempts to add regulations that would protect owners of internet of things devices. The Cybersecurity Improvement Act of 2019, introduced last month by Senator Mark Warner of Virginia, would create new requirements for internet-connected devices. The details of the bill are a bit sparse, but it would require the National Institute of Standards and Technology to develop new recommendations for device makers to follow. Those rules would aim to shore up some of the cybersecurity shortcomings that currently plague internet-connected devices, like easy-to-guess default passwords that put millions of products and the households that have them at risk.

Read more