Menu
US senator probes into CloudPets smart toy hack

US senator probes into CloudPets smart toy hack

The data breach was said to affect over 800,000 user accounts

A U.S. senator is probing reports of a breach of data from smart toys from Spiral Toys, writing to the company’s CEO a letter with ten questions about the issue, including about the company’s security practices.

Bill Nelson, a Florida Democrat, wrote in a letter Tuesday to CEO Mark Meyers that the breach raises serious questions concerning how well the company protects the information it collects, particularly from children.

Nelson also said that the incident raises questions about the vendor's compliance with the Children’s Online Privacy Protection Act that requires covered companies to have reasonable procedures to protect the confidentiality, security and integrity of personal information collected from children.

The letter from Nelson was shared on Twitter by security researcher Troy Hunt, who exposed the breach in a blog post on Feb. 28.

The toys, sold under the CloudPets brand, allow parents and their children to send voice messages over the internet. Hunt found evidence that hackers had looted the unsecured MongoDB database that stored the toys' customer login information. Although the passwords were hashed, there wasn’t a stiff requirement of password strength from the vendor, and the passwords could be potentially hacked and the voice recordings accessed.

Meyers has said that the breach came to his notice only on Feb 22, although another researcher, Victor Gevers, claims to have contacted the toy maker about the issue in late December. The company has claimed that no recordings were stolen. Nelson, who is a ranking member of the Senate's Committee on Commerce, Science and Transportation, has asked Meyers to respond no later than March 23.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Events

Featured

Slideshows

Channel kicks 2021 into gear as After Hours returns to Auckland

Channel kicks 2021 into gear as After Hours returns to Auckland

After Hours made a welcome return to the channel social calendar with a bumper crowd of partners, distributors and vendors descending on The Pantry at Park Hyatt in Auckland to kick-start 2021.

Channel kicks 2021 into gear as After Hours returns to Auckland
The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

Hundreds of leaders from the New Zealand IT industry gathered at the Hilton in Auckland on 17 November to celebrate the finest female talent in the Kiwi channel and recognise the winners of the Reseller News Women in ICT Awards (WIICTA) 2020.

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards
Show Comments