Hacked server violates the toy company VTech and data access to millions of customers around the world. More details below.
The manufacturer VTech toy company known for their tablets, phones and other equipment monitoring for children has recently suffered a hacker attack.
VTech housed the customer data on servers located in China, which had security flaws that allowed hackers from accessing the data of 5 million parents and 200,000 children from all over the world.
Have I Been Pwned, practical service that allows our know their data was compromised or violated, said that this attack is of utmost importance because it affects end users.
According to our sources said, the author of the attack claimed to have no bad intentions on the data violated and explains that gained access to them through a simple SQL injection attack. He also noted that due to the ease of access to this sensitive information, any other person with bad intentions could do the same.
So far VTech did not rule on the issue. On the other hand, Troy Hunt, creator of the service “Have I Been Pwned” he said that not only the database contains nearly 5 million emails but also their passwords with an insecure MD5 hash. Hunt also says that no certificate VTech uses SSL and data such as passwords are completely unprotected.
Video on Kid VTech Connect
Source: Motherboard