‘Almost anyone’ can hack IoT childrens’ toys, says report.
The holiday shopping season creeps back earlier and earlier each year, with major retailers already reaching out to customers as much as a month ago to advertise seasonal deals and specials. Each year, one of the ongoing holiday headaches involves locating and procuring the “hot toy” of the year, the item that every child seems to have on the wish list. Unfortunately, many of those same consumer favorites carry security risks that parents often don’t discover until it’s too late.
Connected toys refers to a category of child-centric items that connect via Wi-Fi or Bluetooth, typically for similar reasons. They might be storing information in the cloud, using the signal to operate the toy via a smartphone app, or even relying on Wi-Fi to draw audio responses from their servers, as in the case of interactive toys. Previous holiday seasons have brought their own hacking concerns with some of these favorites, and this year’s shopping season holds just as many potential security dangers.
Gather data, or even contact your child
This goes beyond simply data mining, which is alarming enough when we’re talking about children’s identities. According to The Week, many of the toys in the test can be hacked and used to actively communicate with children.
“Research undertaken by Which? and the German consumer group Stiftung Warentest has revealed that a number of branded toys have security flaws, making it easy for ‘almost anyone’ to hack into them. The study found that four out of seven of the tested toys could be used to communicate with the children playing with them, The Guardian reports. The flaws were found in popular toys such as Furby Connect, i-Que Intelligent Robot, Toy-Fi Teddy and CloudPets.”
The response from different toymakers to this issue has varied. Earlier this year, Mattel pulled the plug (pun intended) on its kids’ version of basically an Amazon Echo due to concerns from the new CTO. However, Hasbro has reportedly offered lukewarm promises that their products comply with all privacy laws and shouldn’t be “hackable”.
For now, it’s up to parents and grandparents to understand how the toy could leave the family vulnerable before they make that purchase. Trusting in the security of a major manufacturer might seem like it’s enough, but only you can decide if the risk to your child is worth it.