In early December, the manufacturer of electronic toys and connected VTech confirmed an intrusion into its database of its application store Learning Lodge
First, we learned that the attackers have published data sensitive such as photos
children and relatives taken by some toys with cameras
selfies. Conversations from a chat application
allowing children to discuss with their parents (via
smartphone application) were also compromised.
In addition, the name, sex and date of birth of children, and for parents,
name, mailing address, email address, passwords and
personal questions to find them and the address
IP were hijacked.
Later we learned that finally 6.4 million children accounts were compromised. The attack
against
VTech is one of the largest in 2015 – behind Ashley Madison
however, and its 30 million hacked accounts.
In a statement, VTech said the affected customers
were mainly in the United States, then in order
France, UK, Germany, Canada, Spain,
Belgium and the Netherlands.
Taiwan’s toys are very popular in our country. One then understands better why the consumer association UFC Que Choisir, which is called “outraged” by the case decided to take over the case and file a complaint against the manufacturer to the high court of Versailles.
“Hard to believe that a company as large and as” connected “as VTech has not sufficiently secure databases. However, the hacker claims to have used a fairly simple method to break into VTech servers.! SQL injection This method of intrusion, of great simplicity, is identified for almost 13 years … And it can easily be defeated if simple protection rules are implemented. It is clear that the action of a single hacker was enough to violate the VTech servers and retrieve, nose and beard of the company, the data of nearly 6 million children worldwide, including 1 million French children! In addition, VTech has not detected the intrusion suffered before being interviewed by the press “, asserts the UFC.
He continued: “In an increasingly digital environment data greedy and dangerous for the protection of privacy, the fault appears to have been committed by the company VTech is intolerable (…. ) Concerned about the real risks to privacy, UFC-Que Choisir does not intend to remain inactive side violated the rights of millions of French consumers. “
Remember that the writer of this attack may well be a young British 21
years according to the BBC. The English police investigating this case
confirmed having arrested a suspect in Berkshire. It is suspected “of unauthorized access to a computer to facilitate the commission of an offense” written police.
Read also on ZDNet.fr: Give a connected toy: a bad idea gift for Christmas
No comments:
Post a Comment