It’s no secret that sharing personal information online comes with risk. But what if toys were also making it possible for hackers to access both you and your children’s information? Consumer Reports has some stern warnings about a new generation of toys.
Parents and children can record and send messages to each other through the internet using an app on some toys that come with a Bluetooth connection. But earlier this year a security researcher warned the toy’s maker, Spiral Toys, that its servers weren’t adequately protected - making user emails and passwords vulnerable to hackers. Spiral Toys told Consumer Reports they saw no evidence their data was breached but took immediate action to protect the privacy of their customers.
Exposing personal data could put you at risk for identity theft or even credit card fraud down the road. The worst case scenario though very remote is that information could be used in a child abduction. And there are some very real instances of children’s privacy being compromised by internet-connected toys.
Two years ago a hacker attacked toy maker VTech, exposing profiles of more than 6 million children including names, genders and birth dates - and even more detailed profiles of about 5 million adults. VTech says they took swift action after their data was compromised. The company assures consumers they can now manage their accounts securely - and to also change their passwords as soon as possible.
And the Federal Trade Commission recently announced it’s reviewing privacy and security complaints of two internet connected toys - i-Que Robot and My Friend Cayla. The doll has been banned in Germany. Consumer Reports says examples like these should serve as a wake-up call to families: either play it safe and enter fake names and birthdays or skip buying these toys altogether.