DNA - Sputnik International
Science & Tech
Discover the latest science and technology news from Sputnik including the inventions and scientific breakthroughs that are shaping the world.

FBI Warning: Watch Out Parents, Internet-Connected Toys Are Dangerous

CC0 / Pixabay / Toddler with a toy
Toddler with a toy - Sputnik International
A warning has been used by the US Federal Bureau of Investigation (FBI), advising parents to carefully check internet-connected toys for any privacy and security concerns.

The FBI team told parents that many Internet of Things (IoT) toys with cloud-backed features such as speech recognition or online content hosting "could put the privacy and safety of children at risk due to the large amount of personal information that may be unwittingly disclosed." 

"Security safeguards for these toys can be overlooked in the rush to market them and to make them easy to use. Consumers should perform online research of these products for any known issues that have been identified by security researchers or in consumer reports," a spokesperson for the FBI said. 

​In February 2017, a series of web-connected, app-enabled IoT toys called CloudPets were hacked, exposing 800,000 user account details and voice messages left by children.

Teddy bear - Sputnik International
Science & Tech
'Bear-ly' Innocent: Kids' Voice Recordings Leaked in Creepy IoT Teddy Hack

Since December 25, 2016 until the first week of January 2017, Spiral Toys left customer data of its CloudPets brand on a database that wasn't firewall protected, and a result, more than 800,000 emails and passwords were exposed.

In the beginning of January several cybercriminals were actively scanning the internet for exposed MongoDB's databases to delete their data and hold it for ransom, and CloudPets' data was overwritten twice, according to researchers.

This latest development and warning from the FBI advises parents to not only review what the toys collect and transmit, but also the privacy policies they operate under.

Additionally, parents are advised to only operate connected toys on trusted Wi-Fi networks, and to make sure the firmware and patches are installed for apps and connected devices.

"Bluetooth-connected toys that do not have authentication requirements (such as PINs or passwords) when pairing with the mobile devices could pose a risk for unauthorized access to the toy and allow communications with a child user," the FBI said.

"It could also be possible for unauthorized users to remotely gain access to the toy if the security measures used for these connections are insufficient or the device is compromised."

To participate in the discussion
log in or register
Заголовок открываемого материала