Toymaker VTech is Breached

In an article by Phil Muncaster – InfoSecurity Magazine

A Hong Kong-based maker of children’s educational toys has suffered a data breach, exposing the details of potentially millions of children and their parents.

VTech, which builds “electronic learning toys,” revealed in a statement on Friday that an “unauthorized party” accessed customer data held in its Learning Lodge app store database on 14 November.

It continued:

“Upon discovering the unauthorized access we immediately conducted a thorough investigation, which involved a comprehensive check of the affected site and implementation of measures to defend against any further attacks.

Our customer database contains general user profile information including name, email address, encrypted password, secret question and answer for password retrieval, IP address, mailing address and download history.”

The firm stressed that the database in question doesn’t store credit card information as Learning Lodge payments are processed by a third party provider. Read Entire Article

So the good news is no Credit Card Information was stolen, however, the information that was stolen can be devastating to the parents/children, especially considering that for the most part, people reuse passwords and secret questions for email addresses, banking, etc.