VTech, makers of several popular educational toys for children, topped headlines last week after it was revealed that a hacker had infiltrated the company’s database and made away with personally-identifiable information belonging to nearly five million families.
Things went from bad to worse over the holiday weekend as the hacker confessed to Motherboard that he also got away with a heap of photos and chat logs that were inexplicably stored online.
The hacker, who asked the publication to remain anonymous, said he also found tens of thousands of pictures of parents and children. Determining just how many images were collected is tough as some are blank and others are obvious duplicates. The anonymous hacker said he skimmed the data from the company’s Kid Connect product which allows parents using a smartphone to chat with their kids using a VTech tablet. In total, the hacker claims to have gathered 190GB worth of pics.
Furthermore, the attacker managed to collect audio files chat logs, the latter dating back to the end of last year.
It seems that in nearly every case, the media can be traced back to specific usernames for identification.
In a press release issued Monday, VTech said it has suspended access to its Learning Lodge and more than a dozen additional websites as an added precautionary measure. In the meantime, the company said its investigation into the incident continues.