News
IoT teddy bear leaks - Comment from Smoothwall
February 2017 by David Navin, Corporate Security Specialist at Smoothwall
Following the news that Internet-connected stuffed animal toy maker CloudPets has suffered a data breach, with more than 2 million voice recordings of children and parents exposed, as well as e-mail addresses and password data for more than 800,000 accounts, The comments from David Navin, Corporate Security Specialist at Smoothwall.
“The idea of an innocent household teddy bear sharing voice recordings, e-mail addresses and passwords of its users may sound like an elaborate plot from a budget Hollywood film, but is in fact a reality faced by over 800,000 accounts linked to the bear. As the IoT becomes increasingly prevalent in the home, ensuring data is stored safely and securely must be an absolute priority. Parents should feel comforted in knowing that the toys their children play with are secure and private, without having to worry about their personal information attached to that device could be hacked and potentially exploited.
“The news that the database where all information gathered by the teddy bear was public and not protected by a password or firewall is somewhat baffling; the fact that the customer data was accessed many times from a whole host of sources goes to show how vulnerable and attractive a company is without the proper security measures in place. Every company must therefore build a layered security defence which spans encryption, firewalls, web filtering and ongoing threat monitoring to counteract threat actors attempting to steal information.”
