CDSA News

Inside the VTech Hack that Jeopardized Data of more than 200,000 Kids (The Next Web)

Motherboard has exposed one of the largest attacks yet, a massive breach of private user data from tech toy manufacturer VTech.

The hack exposed nearly 5 million parents as well as the names, genders and birthday information of more than 200,000 kids. What’s worse, the kids’ data is easily matched to that of the parents which would make it relatively easy to find their home addresses.

During his attempt to verify the leak, the journalist that originally penned the story, Lorenzo Franceschi-Bicchierai, reached out to Microsoft MVP for Developer Security, Troy Hunt.

It’s from Hunt’s analysis that we see just what went wrong. Hunt’s first step was to verify the data. He did this through his own service, ‘Have I been pwned?’ (HIBP). HIBP is a free opt-in service that attempts to notify users if their accounts have been compromised in a data breach.