Hong Kong childhood tech firm VTech is hacked, exposing data of 5 million customers and kids
Hong Kong-based kid's technology maker VTech says the personal information of about 5 million of its customers and their children may have been stolen by hackers.
The company disclosed the breach of a customer database late last week, but didn't say how many people could be affected until Monday.
The news comes just as the holiday shopping season is kicking into gear and kid's smartwatches and tablets made by companies such as VTech are expected to be high on children's wish lists. VTech's Kidizoom Smartwatch is predicted to be a top seller this holiday season, while its InnoTab tablets have been popular in the past.
Compromised information in the VTech breach includes the names, birthdates and genders of child users. It also includes adult user information including names, email addresses, passwords, secret questions and answers for password retrieval, IP addresses, mailing addresses and download histories.
Customers from the US and 15 other countries are affected.
The hacking serves as a reminder to parents to be careful about what kinds of information about their children they enter into on Internet-connected devices. While devices like kid-friendly smartwatches and tablets may block a child's access to the bulk of the Internet, they're still a potential target for hackers.
The breach took place on November 14 and was discovered 10 days later. It involved customer data stored on the company's Learning Lodge app store database. Customers use Learning Lodge to download apps, games, e-books and other content to VTech products.
VTech Holdings Ltd says it's contacted all of the affected users by email and has temporarily suspended its Learning Lodge website and some others as a precaution. It is investigating the breach and says it has taken steps to prevent another one from happening.