Earlier today, we brought you the news that VTech had confirmed that the details of 5 million kids and their parents had been exposed. VTech confirmed that the information obtained from their “Learning Lodge” store included names, addresses, email addresses and more. What they didn’t mention was that photos, audio clips and chat logs were also obtained.
One of the apps that can be added to VTech’s children’s tablets is Kid Connect. This allows parents to use their smartphones to chat with their kids. The app encouraged users to take photos to be used for their account. Unfortunately, these photos and a year’s worth of chat logs were stored on the same server that was breached earlier this month.
So how many people were affected by this latest discovery? 2.3 million users were registered with the Kid Connect service. A hacker that contacted Motherboard stated that he was able to obtain 190GB of photos, as well as chat logs that dated back to late last year. All of the photos and logs could be traced to usernames, which could then easily be used to look up the real names and addresses of the parents.
VTech has announced that they are temporarily shutting down some of their vulnerable services, in effort to protect the data from being obtained by any other hackers. However, that measure seems to be too little, too late.
Thus far, two states have confirmed that they will be investigating the breach. Specifically Jaclyn Falkowski, a spokeswoman for Connecticut Attorney General George Jepsen stated that “we are aware of the breach and will be looking into it.” Eileen Boyce, a spokeswoman for Illinois Attorney General Lisa Madigan also stated simply “Illinois will investigate.” We’ll keep you up to date with what these and other investigations yield.