Data on 5 million VTech customers, their kids exposed
United States, 15 other countries affected by hack of children’s technology maker
VTech’s Kidizoom Smartwatch is predicted to be a top seller this holiday season.
NEW YORK — Kid’s technology maker VTech says the personal information of about 5 million of its customers and their children may have been stolen by hackers.
The Hong Kong-based company disclosed the breach of a customer database late last week but didn’t say until Monday how many people could be affected.
The news comes just as the holiday shopping season is kick-
ing into gear and kid’s smartwatches and tablets made by companies such as VTech are expected to be high on children’s wish lists. VTech’s Kidizoom Smartwatch is predicted to be a top seller this holiday season. Its InnoTab tablets have been popular in the past.
Compromised information in the VTech breach includes the names, birthdates and genders of child users. It also includes adult user information including names, email addresses, passwords, secret questions and answers for password retrieval, IP addresses, mailing addresses and download histories.
The affected database doesn’t contain any credit card numbers, or personal identification information such as Social Security or driver’s license numbers, VTech says.
Through a spokeswoman, VTech declined to comment beyond the company statement.
Customers in the U.S. and 15 other countries are affected.
The hacking serves as a reminder to parents to be careful about what kinds of information about their children they enter on Internet-connected devices. While devices like kidfriendly smartwatches and tablets may block a child’s access to the bulk of the Internet, they’re still a potential target for hackers.
The breach took place Nov. 14 and was discovered 10 days later. It involved customer data stored on the company’s Learning Lodge app store database. Customers use Learning Lodge to download apps, games, e-books and other content to VTech products.
VTech Holdings says it has contacted all of the affected users by email and has temporarily suspended its Learning Lodge website and some others as a precaution.
It is investigating the breach and says it has taken steps to prevent another one from happening.