Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
You are here: Home / Customer Data / Alleged VTech Hacker Arrested in U.K.
Alleged VTech Hacker Arrested in the U.K.
Alleged VTech Hacker Arrested in the U.K.
By Jennifer LeClaire / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
Police in the United Kingdom believe they have caught the culprit behind a massive cyberattack against leading electronic toy maker VTech that compromised the information of nearly 5 million adults and over 6 million children.

The South East Regional Organized Crime Unit, or SEROCU, in Bracknell, a town about 30 miles west of London, arrested a 21-year-old man yesterday for alleged unauthorized access to a VTech computer. The police also seized several electronic items from the suspect as part of their investigation.

“Cyber criminality is affecting more and more business around the world and we continue to work with our partners to thoroughly investigate, often very complex cases,” said Craig Jones, head of the Cyber Crime Unit at SEROCU, in a statement. “We are still at the early stages of the investigation and there is still much work to be done. “We will continue to work closely with our partners to identify those who commit [offenses] and hold them to account.”

No Boundaries

Here’s the back story: The database of the company’s Learning Lodge app store, which allows customers to download apps, e-books and learning games, was breached on November 14 HKT (Hong Kong Time). The hack was discovered on November 24 HKT and customers were notified on November 27 HKT.

The company said the attack compromised the profiles of 6.4 million kids around the world, along with 4.9 million parent accounts. “It is important to note that our customer database does not contain any credit card information and VTech does not process nor store any customer credit card data on the Learning Lodge Web site," the company said previously.

VTech makes a wide variety of children's toys, including the VTech My Laptop (pictured). The company's customer database holds a slew of user profile information. The personal identifiers in the database include names, e-mail addresses, passwords, secret questions and answers for password retrieval, IP addresses, mailing addresses and download histories. The database also contains kids’ information, including names, genders and birth dates.

“We are pursuing cybercriminals using the latest technology and working with businesses and academia to further develop specialist investigative capabilities to protect and reduce the risk to the public,” Jones said. “Cybercrime is an issue which has no boundaries and affects people on a local, regional and global level.”

Consumers Are Unaware

We caught up with Tim Erlin, director of IT risk and security strategy for advanced threat detection firm Tripwire, to get his thoughts on the news. He told us the alleged VTech hacker initially claimed he perpetrated the breach to showcase vulnerabilities in the company's products.

“We don't know if this is really the case, but publishing personal information to prove a point is rarely well received. Good intentions can still result in illegal actions,” Erlin said.

However, this incident is about more than the Internet of Things, toys or security vulnerabilities. "It's shedding light on the vast amount of personal data that is collected and stored by a variety of consumer companies," Erlin said. "Consumers are typically unaware of how much of their data is collected or used, and how this data can affect their privacy."

Tell Us What You Think


Like Us on FacebookFollow Us on Twitter

Over the past decade, hospitals have been busy upgrading their systems from paper to electronic health records. Unfortunately, spending so much on EHR may have left insufficient funds for security.
The British government officially blamed Russia for waging the so-called NotPetya cyberattack that infected computers across Ukraine before spreading to systems in the U.S. and beyond.
© Copyright 2018 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.