VTech hacker also got his hands on toy user photos and chat logs
The hacker of toy manufacturer VTech’s systems has not only got his hands on personal data of nearly 5 million parents and more than 200,000 children, but also photos and chat logs. This is according to new information about the hack.
The hacker obtained the images and chat logs of a vulnerable system that VTech used for the Kid Connect service. This service allows parents to chat with their child via a smartphone app, if the latter is using a VTech tablet. In the tutorial video, VTech advises tablet users to take a face photo. That writes Motherboard, which was the first to publish the hack on Friday.
It concerns 190GB of photo material and the hacker estimates that it concerns tens of thousands of images. The man shared a file of 3,832 photos with Motherboard to substantiate his claim. He also found chat logs dating from the end of last year to November this year and there were also audio recordings of users on the vulnerable systems.
Meanwhile, VTech has taken its Learning Lodge service and a number of international and regional websites offline pending the investigation. The sites planetvtech.com, vsmilelink.com and sleepybearlullabytime.com have been taken offline by the toy manufacturer, among others. VTech emphasizes that no credit card details have been stolen.
The VTech hack, which took place on November 14, was announced on Friday. It would be the fifth largest data breach of all time. The hacker has disclosed details about the hack but would not have any further plans with the data.