VTech hacker also got his hands on photos and chat logs of toy users
The hacker of toy manufacturer VTech’s systems has not only got his hands on personal data of nearly 5 million parents and more than 200,000 children, but also photos and chat logs. That’s according to new information about the hack.
The hacker obtained the images and chat logs of a vulnerable system that VTech used for the Kid Connect service. This service allows parents to chat with their child via a smartphone app, if the latter uses a VTech tablet. In the tutorial video, VTech advises tablet users to take a face photo. That writes Motherboard, which was the first to publish the hack on Friday.
It concerns 190GB of photo material and the hacker estimates that it concerns tens of thousands of images. The man shared a file of 3,832 photos with Motherboard to substantiate his claim. He also found chat logs dating from the end of last year to November this year and there were also audio recordings of users on the vulnerable systems.
Meanwhile, VTech has taken its Learning Lodge service and a number of international and regional websites offline pending the investigation. The sites planetvtech.com, vsmilelink.com and sleepybearlullabytime.com, among others, have been taken offline by the toy manufacturer. VTech emphasizes that no credit card details have been stolen.
On Friday, the VTech hack, which took place on November 14, was announced. It would be the fifth largest data breach of all time. The hacker has disclosed details about the hack but would not plan anything further with the data.