Skip to main content

Are you a legal professional? Visit our professional site

Search for legal issues
For help near (city, ZIP code or county)
Please enter a legal issue and/or a location

Toy Company Hit by Hackers. Was Your Child's Data Stolen?

Article Placeholder Image
By Jonathan R. Tung, Esq. on December 09, 2015 5:59 AM

Data breaches aren't going away. Now even kids' toys aren't safe from hackers. First it happened to Barbie. More recently, on November 30th, VTech Holdings pulled the plug on several of its affiliate websites because hackers invaded customer data at VTech Holdings Limited, makers of electronic learning toys.

The silver lining to this story is that the breach is on a smaller scale and does not contain personally-identifiable information (PII) such as credit cards and addresses. On the other hand, it does contain information on your children's gender and birthdays.

What Happened This Time

Hackers gained access to customer data of VTech in November 14. In the VTech Learning Lodge application stores, customers can download apps, e-books, and other content for VTech products. Fortunately, customers do not surrender highly sensitive information such as credit card information, social security numbers, etc. However, the database does store general profile information of customers, including email addresses, IP addresses, download history, as well as the gender and birthdates of children who have used or downloaded VTech products.

Although not strictly PII, gender and birthday information, taken in concert with other data can certainly aid criminals in stealing one's identity.

We're Feeling Better Already

By now, business is so entrenched in interactive tech that entire business models would crumble if asked to do otherwise. So, VTech's company statement is a refrain of something the public has heard many times before: they promised a "comprehensive check of the affected site and implementation of measures to defend against further attacks." Customers have heard this one before with Neiman Marcus, who said "[We have] taken significant steps to further enhance information security." Each time it is said, it loses a little more meaning.

But what else can companies do? They can't say nothing. What will be the next major cyber-security move for businesses and law firms? It's anyone's guess.

Related Resources:

Find a Lawyer

More Options