CATEGORIES
home News

UK Authorities Arrest Man In Connection With VTech Child Data Hack

by Rob WilliamsTuesday, December 15, 2015, 01:57 PM EDT

Late last month, toy maker VTech was hit with a debilitating attack that resulted in an incredible amount of customer data winding up in the wrong hands. Given VTech's abysmal security measures, it's hard to consider it being a "victim" in this attack. Rather, its millions of customers are the ones at risk.

This morning, UK police issued a press release to say that they arrested someone who they believe was behind this attack. A name is not provided, but we are told it was a 21-year-old male from Bracknell, in southeast England. The official charges include using a computer to commit an offense, and gaining unauthorized access to data.

The release reads: "We are still at the early stages of the investigation and there is still much work to be done. We will continue to work closely with our partners to identify those who commit offences and hold them to account."

VTech

So-called "cyberattacks" are nothing new, but their reach is ever-growing. "Cyber crime is an issue which has no boundaries and affects people on a local, regional and global level," says Craig Jones, head of the cyber crime unit at SEROCU.

As a result of the breach, the attacker walked away with at least 190GB worth of customer data, which included names, addresses, email addresses, photos, and even detailed chat logs between parents and children.

While it could be argued that it's needless for a mere toy to capture and send that kind of information back to VTech's servers, the company's level of security was so poor that an attack like this was truly inevitable. A lot of information was stored in plain text, including passwords, and that of course implies salts weren't used. Further, no SSL was used to transmit this sensitive data. Ultimately, the attacker gained access to VTech's servers through SQL injection. After gaining root to the system, he began downloading this massive trove of data.

In this day and age, it's really something to see a company have so little security that it might as well be considered non-existent. VTech has a lot of cleaning-up to do not only with regards to its security protocols, but also with shattered customer relations.

Tags:  security, Privacy, Hacking, VTech
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment