“Smart Toys” Could Be Dumb Mistake For Parents [KOMANDO]
Our friends at The Kim Komando Show are always on the lookout for the latest scams and suggest ways to protect yourself from hackers. This year, many of the most popular "smart toys" could be a potential security risk. A "smart toy" is anything that has wi-fi. This opens up the possibility for hackers to get their hands on.
The United States Senate wants you to be extra cautious if you've purchased a smart toy for your child this Christmas. The Committee on Commerce, Science, and Transportation recently released a report titled "Children’s Connected Toys: Data Security and Privacy Concerns" that details the risks these toys pose.
VTech children's phones and tablets had a service called "Kid Connect" that allowed parents and kids to exchange texts, voice messages and pictures. The company collected the parents' email addresses, mailing addresses; the child's name, birthdate, and picture; and all the content that was sent through the phone or tablet. But VTech had "outdated and inadequate security practices" so a hacker gained access to more than 6.4 million child profiles and 4.8 million parent accounts.
Fisher-Price's Smart Toy Bear can have a conversation with your child and remembers what is discussed. To use the toy, children set up a profile that includes their name, gender, date of birth, parents' email addresses and other information. A vulnerability in the web service associated with the toy means hackers can access these profiles.
An authorization flaw with KGPS's herO watch made it so that strangers could figure out where your child is. Parents use the watch and the app to track their child's location. They view this information through an online account and they can send invites to share access with other family members. Hackers had the ability to request and grant themselves permission to the account.
The Kim Komando Show airs every Saturday at 3pm on NewsTalk 96.5 KPEL.