Skip to main content
  1. Home
  2. Web
  3. News

VTech ‘cannot confirm’ if kids’ chat logs and photos were compromised by security breach

Albert Khoury
By

Children smartphone tablet screens
Image used with permission by copyright holder
On November 14, there was a security breach in electronics manufacturer VTech’s Learning Lodge app store database. The Hong Kong company, known for its vast selection of educational toys and cordless phones, learned of the unauthorized access 10 days later. It was alerted by “an email from a Canadian journalist asking about the incident.”

The Learning Lodge storefront provides downloads, games, e-books and other educational content for customers.

Recommended Videos

The database contains profile information such as names, email addresses, passwords, mailing addresses, and download history. Vtech maintains that it does not process or store credit card information on the Learning Lodge site. Customers who make purchases are directed to a secure third-party site to complete their transactions.

Related

Customer data from countries throughout the globe was compromised, including information from Europe, North America, and Asia. In the latest press release, VTech states that nearly five million customer (parent) accounts and over six million kid profiles were affected by the breach.

The company defends itself by saying that this was “a criminal act and a well-planned attack” and it also mentions the involvement of a “skilled hacker.”

The company was not able to confirm whether or not the hacker(s) were able to access photo, chat logs, or audio files of children and their parents, particularly through the Kid Connect app.

Vtech reports that it has conducted a “thorough investigation” and will take steps to prevent a similar attack in the future. It recently announced that it is retaining the services of FireEye’s Mandiant Incident Response, described as “one of the world’s leading cyber forensics teams,” to assist in this endeavor. Vtech’s methods of data collection will be subjected to particular scrutiny.

The company also took down the Learning Lodge site, and it is still nonfunctional as of this writing.

“We are deeply shocked by this orchestrated and sophisticated attack on our network. We regret that users of Learning Lodge, Kid Connect and PlanetVTech, some of whom are colleagues, friends and families, are also affected,” said CEO Alan Wong.

Editors' Recommendations

Topics
Albert Khoury
Albert Khoury
Former Digital Trends Contributor
Al started his career at a downtown Manhattan publisher, and has since worked with digital and print publications. He's…
OnePlus customer data stolen in second data breach in two years
oneplus 7t macro lens iphone 11 lacks cameras

Phone company OnePlus has suffered another data breach, with an undisclosed number of customer names, contact numbers, email addresses, and shipping addresses stolen by an unnamed hacker or group.

This comes less than two years after up to 40,000 customers' private information was stolen from OnePlus, leading to credit card fraud using customers' details. In this case, the breach only came to light when the issue of credit card fraud was raised by a user on the OnePlus forums. An investigation subsequently discovered a malicious script had been gobbling up customer credit card details when they were entered into the OnePlus website.

Read more
Doordash data breach affects 4.9 million people, divulges physical addresses
DoorDash breach | Doordash app on a phone

Doordash is the latest tech company to suffer a major data breach. The company has announced that an unauthorized third party was able to gain access to Doordash user data on May 9, 2019, in a breach that affected a hefty 4.9 million users, delivery drivers, and merchants. According to the company, users who joined after April 5, 2018, were not affected by the breach.

"We take the security of our community very seriously. Earlier this [year], we became aware of unusual activity involving a third-party service provider," said the company in a blog post. "We immediately launched an investigation and outside security experts were engaged to assess what occurred."

Read more
1.5% of Chrome users’ passwords are known to be compromised, according to Google
A password screen with an indecipherable password inputted.

1.5% of passwords used in Chrome are unsafe and have been released in data breaches, according to new information from Google.

In February, a new feature was introduced to the Google Chrome browser which checks whether users' passwords are secure. Password Checkup is a free download that scans a database of 4 million compromised passwords and informs users if their password is among them and they need to change it. The database of passwords is collated from known third-party data breaches and when a user enters their password, it is checked against the list.

Read more