One of the goals of technology is to make life simpler and stay in touch no matter the distances. With the passage of time we have seen an explosion of the articles connected to the internet, enough action to give them the surname "smart" or "intelligent", even if they are not at all. So we have seen from refrigerators, bottles, drawers, mirrors, to really absurd things that are sold with this "attractive" feature.
This growing connectivity has caused more and more threats to our privacy, with devices that for various situations have exposed our data, or have been hacked to access confidential information. These horror stories have been present for some years now in several companies that do not take their customers' safety seriously, something that has even caught up with toys , causing the victims of these failures to be children.
The null safety in toys connected to the internet
Spiral Toys is a company that last Christmas managed to sell a large number of its CloudPets plush dolls in the United States, which had the feature of being connected to the internet, something that served to provide a kind of communication between parents And children through a mobile application. These plush toys quickly became one of the best-selling toys of the season, acting as a bridge to private family conversations. Sounds good? Let's look at the CloudPets television ad.
Well, it has now been discovered that more than 800,000 CloudPets user accounts and more than two million conversations were fully exposed. This means that anyone with internet could access user names, passwords, emails, and audio recordings of children.
All this information has been without any security on the internet for more than two months, enough time for hackers to have been able to download all this information to use it for malicious purposes. But the worst of all is that the company has not even given the face to inform its customers of the security gap, and even their social channels have been abandoned.
Several sites and institutions that are dedicated to finding unprotected databases gave the alarm , and even gave details of how all this information was exposed all this time, stored on servers without any security that revealed personal data of thousands of people.
The first consequence of this vulnerability is that a group of hackers accessed this database and abducted it in exchange for bitcoins, but it is unknown if the company paid for the ransom. What is a fact is that the database was removed from the internet last January 12, and some say that some of this information is for sale on the Deep Web.
Although some say that they have nothing to hide, the reality is that this information can be used for various purposes, such as impersonations, extortion of children's voice, and even account data could be used for Access other services of those same users.
The bad news is that this is not the first time, we have already seen the case of VTech that exposed the data of 6.3 million children; Or "Hello Barbie" dolls, which have the characteristic of "talking" to the girls, were exposed to security problems ; And recently it was discovered as other dolls spied the children recording their voices.