VTech Holdings admitted that a cyberattack exposed information on 6.4 million children and another 4.9 million adults. The company, based in Hong Kong, said databases that are connected to the Learning Lodge app store and the Kid Connect messaging system were affected in what is being called the largest cyberattack targeting children.
Due to the size of the breach, security consultants around the world are calling for VTech and all other makers of electronic kids’ toys to review and enhance their security programs.
Seth Chromick, vArmour threat analyst, said: “This breach is a parent’s nightmare of epic proportions. A different approach to security for all organizations is needed.”
In a statement that can be found on VTech.com, the company said the database contained the names, gender and birthdates of the children registered with the programs. However, the amount of information listed in the adults’ profiles are significant. In addition to name and both snail mail and email addresses, the stolen data includes security questions and answers that would allow hackers to get access to passwords as well as IP addresses and download history.
Consumers in the United States, France, the United Kingdom, Germany, Canada, Spain, Belgium and the Netherlands were affected. This stolen data could be worth millions of dollars.
One noted cybersecurity consultant estimates that a stolen record can be sold for up to $4 in the underground market.
Cybertheft is a crime and New Jersey law enforcement takes these charges very seriously. If you are facing charges related to Internet crime, contact lawyer John W. Tumelty right away for aggressive criminal defense representation.