Skip to main content

Leapfrog tablets may have exposed your kid’s location data

Leapfrog, the popular kids’ tablet, has been found to have security vulnerabilities that could have let strangers capture young users’ location data and send them messages. 

A new report from CheckMarx, an application security testing company, revealed that the LeapPad Ultimate tablet used an insecure internet connection that could have revealed personal information like age, gender, and names about the children who own the product. An app for LeapPad Ultimate called Pet Chat was also found to potentially reveal a tablet’s location and information. 

The tablet is meant for children ages 3 to 6, and is supposed to be safer than an iPad or a Kindle since it doesn’t require Wi-Fi and can only download Leapfrog-made apps. Pet Chat is one such app that allows two or more Leapfrog users within 100 feet of each other to talk in a chat room using only preset phrases. 

CheckMarx found that by using WiGLE, a website that shows different wireless hot spots, a stranger could have discovered the locations of children using the Pet Chat app on Leapfrog because the app creates an ad hoc Wi-Fi connection. Leapfrog removed the Pet Chat app from stores in June, according to CheckMarx. Those with LeapPad devices older than three years may still have the Pet Chat app, and parents are being advised to uninstall the app manually. 

Another vulnerability threat was discovered in Leapfrog’s child-safe web browser known as LeapSearch. CheckMarx manipulated the browser into a “phishing version” that could lead attackers to Leapfrog owners’ credit card, parent, and child information. 

CheckMarx said that after it brought this information to the attention of Leapfrog, the company was quick to act in fixing or removing the vulnerable features. 

“We thank Checkmarx for bringing these security issues to our attention, as the safety of the children who use our products is a top priority. With the information they provided, we were able to take immediate actions to resolve the issues. Checkmarx has been helpful, ethical, and professional.  Cooperating with them has benefitted LeapFrog and our customers,” Mari Sunderland, the vice president of digital product management, told Checkmarx. 

As more children are using technology at younger ages, tech companies have had to rethink how child-friendly their platforms and services are. On July 22, Facebook alerted parents about a security flaw in its Messenger Kids app. The technical error, which has since been fixed, allowed children to communicate with users in group chats who hadn’t been approved by their parents. 

YouTube has also had its fair share of issues with child-friendly content, and the Federal Trade Commission (FTC) was investigating the platform about how it handles videos aimed at children. YouTube has been accused of failing to protect kids, particularly when its algorithm recommends or queues inappropriate videos. 

Digital Trends reached out to Leapfrog for comment but has not yet received a response. 

Editors' Recommendations

Allison Matyus
Former Digital Trends Contributor
Allison Matyus is a general news reporter at Digital Trends. She covers any and all tech news, including issues around social…
AMD is slowing down at the worst possible time
AMD CEO Lisa Su holding an APU chip.

AMD has a strong hold on the handheld gaming market, and given the growing popularity of such consoles, that's a good place to be. AMD's chips power the Steam Deck, but also consoles like the Asus ROG Ally or the Ayaneo 2S. While it's crucial for AMD to keep pushing and release new, more powerful APUs, the latest rumors imply that we may not see its most-anticipated update until 2025 -- a huge delay compared to the previous road map. As a result, are we about to witness Intel take the lead with Meteor Lake?

AMD has plans that go far beyond its current APUs, although no official release dates have been confirmed for these chips as of yet. However, according to the rumor mill, we expected to see Strix Halo and Strix Point APUs in 2024, just in time to rival Intel's fresh Meteor Lake chips. Now, according to Moore's Law Is Dead, we might have to wait a lot longer.

Read more
Apple’s M3 Max appears to keep up with Intel’s top desktop CPU
Apple revealing the M3 Max processor.

The first benchmarks of Apple's M3 Max processor just leaked, and it looks like it's going to be one speedy chip. Found in the new 16-inch MacBook Pro, the M3 Max pushes the capabilities of Apple silicon to new heights -- so much so that it can keep up with Intel's best desktop processor, all the while consuming far less power.

The exciting results come from a Geekbench 6 test. The chip listed under Apple M3 Max scored 2,943 in single-core and 21,084 in multi-core tests, respectively. Those are numbers that used to be pretty unreachable for a thin and light laptop just a couple of years ago, but they're comparable to Apple's M2 Ultra found in the latest Mac Pro (21,182 multi-core) and Mac Studio (21.316 multi-core).

Read more
The era of cheap SSDs is about to end
Samsung 980 Pro SSD being held in someone's hand.

Upgrading your storage has never been easier than it is now. Some of the best SSDs have been on a steady decline in price, meaning that buying an SSD with 1TB or more capacity is as cheap as buying an HDD. However, this buyer's market might be about to end, as Samsung is taking measures to increase the prices and control the stock levels so that this overflow of affordable SSDs comes to an end.

Trendforce, a market research company, shared the bad news in a recent report. Samsung's plan is not to directly increase the price of its own SSDs, such as the QVO and EVO lines. Instead, it plans to increase the prices of its NAND flash chips, and it has been doing that for a while now. However, previous price hikes have been nothing compared to the abrupt change it's plotting this time, as Samsung is planning to push up the prices by 20% per quarter for the first half of 2024.

Read more