Android Century
  • Home
  • Android Zone
    • Android Apps
    • Android Games
    • Apps APk Files
    • Games Apk Files
    • Apps Hack Tricks
  • Reviews
  • Fantasy Zone
    • Entertainment
    • Quotes and Status
    • Life Style
    • Home Made Tips
    • Hair Care
    • Skin Care
    • Fantasy Tips
  • Tricks
    • Free Recharge
    • Free Internet
    • shopping Cashback
    • Recharge Cashback
  • Tech
  • Mobiles
  • Gadgets
  • News
  • How To's
  • Software
Breaking
Loading...

Featured post

How to Take Great Photos With Apple's iPhone X

Recent Posts

Labels

  • Android Apk Files
  • Android Apps
  • Android Games
  • Apps Apk Files
  • Entertainment
  • Fantasy Tips
  • Gadgets
  • Hair Care
  • HomeMade Tips
  • How To's
  • News
  • Quotes
  • Quotes & Status
  • Recharge Cashback
  • Recharge Promo Codes
  • Shopping Cashback
  • Technology
  • skin care
Home / News / Smart teddy bears for kids suffer a contentious data breach 2017

Smart teddy bears for kids suffer a contentious data breach 2017

Latest Govt. Jobs 22:42:00 News Edit
screen shot 2017 02 27 at 4.34.08 pm

If you own a stuffed animal from CloudPets, then you better change your password to the product. The toys—which can receive and send voice messages from children and parents—have been involved in a data breach dealing with more than 800,000 user accounts.
The breach, which grabbed headlines on Monday, is drawing concerns from security researchers because it may have given hackers access to voice recordings from the toy’s customers. But the company behind the products, Spiral Toys, is denying that any customers were hacked. 
“Were voice recordings stolen? Absolutely not,” said Mark Myers, CEO of the company.
[ Further reading: How the new age of antivirus software will protect your PC ]
Security researcher Troy Hunt, who tracks data breaches, brought the incident to light on Monday. Hackers appear to have accessed an exposed CloudPets’ database, which contained email addresses and hashed passwords, and they even sought to ransom the information back in January, he said in a blog post.
The incident underscores the danger with connected devices, including toys, and how data passing through them can be exposed, he added. 
In the case of CloudPets, the brand allegedly made the mistake of storing the customer information in a publicly exposed online MongoDB database that required no authentication to access. That allowed anyone, including hackers, to view and steal the data.
On the plus side, the passwords exposed in the breach are hashed with the bcrypt algorithm, making them difficult to crack. Unfortunately, CloudPets placed no requirement on password strength, meaning that even a single character such as letter “a” was acceptable, according to Hunt, who was given a copy of the stolen data last week.
As a result, Hunt was able to decipher a large number of the passwords, by simply checking them against common terms such as qwerty, 123456, and cloudpets.
“Anyone with the data could crack a large number of passwords, log on to accounts and pull down the voice recordings,” Hunt said in his blog post. 
Security researcher Victor Gevers from the GDI Foundation said he also discovered the exposed database from CloudPets and tried to contact the toy maker in late December.
However, both Gevers and Hunt said the company never responded to their repeated warnings.
On Monday, California-based Spiral Toys, which operates the CloudPets brand, claimed the company never received the warnings. 
“The headlines that say 2 million messages were leaked on the internet are completely false,” Myers said. 
His company only became aware of the issue after a reporter from Vice Media contacted them last week. “We looked at it and thought it was a very minimal issue,” he said. 
A malicious actor would only be able to access a customer’s voice recording if they managed to guess the password, he said. 
“We have to find a balance,” Myers said, when he addressed the toy maker’s lack of password strength requirements.  “How much is too much?”
He also said that Spiral Toys had outsourced its server management to a third-party vendor. In January, the company implemented changes MongoDB requested to increase the server’s security. 
Spiral Toys hasn’t been the only company targeted. In recent months, several hacking groups have been attacking thousands of publicly exposed MongoDB databases. They’ve done so by erasing the data, and then saying they can restore it, but only if victims pay a ransom fee.   
In the CloudPets incident, different hackers appear to have deleted the original databases, but left ransom notes on the exposed systems, Hunt said.
Although the CloudPets’ databases are no longer publicly accessible, it appears that the toy maker hasn’t notified customers about the breach, Hunt said. The danger is that hackers might be using the stolen information to break into customer accounts registered with the toys.
But Myers said the company found no evidence that any hackers broke into customer accounts. To protect its users, the company is planning on a password reset for all users. “Maybe our solution is to put more complex passwords,” he said. 
Share on Facebook Share on Twitter Share on Google Plus

RELATED POSTS


Xiaomi Redmi 5 launch

Vodafone partners with Tecno to off...

LG G7 with iPhone X-like notch
Smart teddy bears for kids suffer a contentious data breach 2017 Smart teddy bears for kids suffer a contentious data breach 2017 Reviewed by Latest Govt. Jobs on 22:42:00 Rating: 5

0 comments:

Post a Comment

Newer Post Older Post Home
Subscribe to: Post Comments ( Atom )

Search This Blog

TEST BOOK FOR GOVT ENTRANCE TEST

TEST BOOK FOR GOVT ENTRANCE TEST
Find All Latest book for preparation of SSC,RAILWAYBANK PO,RBI,BANK CLERK,GATE ME,GATE CE are available here in less prices, to check out the books click here

Translate

  • Popular Post
  • Random posts
  • Category

Popular Posts

  • Teen Patti Offer 2018: Refer and Earn Flipkart Vouchers Free
    Teen Patti Offer 2018: Refer and Earn Flipkart Vouchers Free
    Teen Patti Refer & Earn Offer:  Hey Guys! Today I make an article about Teen Patti Referral ...
  • Hands-on with the home windows 10 Creators update for the Xbox One: Beam recreation streaming arrives
    The Windows 10 Creators Update is here, now—yes,  now —but not (officially) on the PC. The ...
  • Taotronics TT-BH22 Headphones Review
    We make it a addiction to now not look up pricing of a product sooner than reviewing and if ...
  • Pentagon strongly condemns North Korea missile test
    The Pentagon on Monday strongly condemned North Korea’s latest missile test, adding that the ...
  • Reliance Jio to offer sharp tariff discounts for customers signing up by March-end
    Reliance Industries' Jio unit will charge a tariff for its services from April, but will offer ...
  • Bank wallets growing faster than e-wallets
    In the  bank  versus  e-wallets  sweepstakes,  lenders  have now gained lost ground. As of ...

Random Posts

  • Latest Google Search App APK Latest Version 5.9.33.16.
    Latest Google Search App APK Latest Version 5.9.33.16.
    23.02.2016 - 0 Comments
     Google app for Android: The fastest, easiest way to find what you need on the web and on your device.•…
  • How to Send Text Messages From Your PC With Your Android Phone
    How to Send Text Messages From Your PC With Your Android Phone
    27.01.2018 - 0 Comments
    You’re sitting at your PC and you receive a text message, so you pick up your phone, unlock it, read the…
  • Trump Slammed By Founder Of Humans Of New York
    Trump Slammed By Founder Of Humans Of New York
    15.03.2016 - 0 Comments
    The photographer behind the popular blog Humans of New York has written a scathing public letter to…
  • US drone strike targets senior Shebab leader in Somalia
    US drone strike targets senior Shebab leader in Somalia
    02.04.2016 - 0 Comments
    Washington: A US drone strike has targeted a senior Shebab leader in Somalia who was…
  • Ebay Loot – Get 30% Off On Purchase Of Rs 1000 [New Users]
    Ebay Loot – Get 30% Off On Purchase Of Rs 1000 [New Users]
    06.03.2016 - 0 Comments
    Ebay is back again with new offer. Now get 30% off on purchase of Rs 1000 or more. This is an amazing offer.…

Labels

Android Apk Files Android Apps Android Games Apps Apk Files Apps Hack Tricks Entertainment Free Internet Freecharge Gadgets Games Apk Files How To's Laptops Guide Mobiles Reviews Technology Viral's android zone free recharge

Entertainment

Tricks

Popular Posts

  • Teen Patti Offer 2018: Refer and Earn Flipkart Vouchers Free
    Teen Patti Offer 2018: Refer and Earn Flipkart Vouchers Free
    Teen Patti Refer & ...
  • Hands-on with the home windows 10 Creators update for the Xbox One: Beam recreation streaming arrives
    The Windows ...
  • Facebook co-founder learned programming language in 2 days www.goandroidapps.in
    Facebook co-founder learned programming language in 2 days www.goandroidapps.in
    Facebook co-founder ...
  • Meet Bat Bot, the new flying batlike drone
    Holy drone ...
  • Xiaomi Mi LED Smart TV 4 Review
    As a brand in ...
  • Thanks to Bitcoin, Buying a PC Is Better Than Building One (for Now)
    High-end ...
  • Lenovo Yoga Book launched in India at Rs 49,990: First Impressions
    Lenovo  has ...

Random Posts

  • How to add custom ringtones to your Android phone
    How to add custom ringtones to your Android phone
    11.02.2017 - 0 Comments
    When you decided to go with Android, customization was probably at the top of the list. Many longtime…
  • Google Hangouts for Android rolling with video messaging feature after 2 years the ios version
    Google Hangouts for Android rolling with video messaging feature after 2 years the ios version
    16.07.2016 - 0 Comments
    Google Hangouts for Android rolling with video messaging feature after 2 years the ios version: Video…
  • How to turn off Snapchat's Maps tracking feature
    How to turn off Snapchat's Maps tracking feature
    19.07.2017 - 0 Comments
    Snapchat normally tracks your area in an effort to serve you geo-place filters that you could display off…
  • How to Switch From an iPhone to an Android Phone
    How to Switch From an iPhone to an Android Phone
    11.02.2017 - 0 Comments
    Apple iPhone users once looked down their nose at the army of Android phones out there—and let's…
  • New age-detecting system
    New age-detecting system
    13.02.2018 - 0 Comments
    The researchers observed two big differences between how children and adults swipe phone screens. (File…

Most Popular

  • Teen Patti Offer 2018: Refer and Earn Flipkart Vouchers Free
    Teen Patti Offer 2018: Refer and Earn Flipkart Vouchers Free
    Teen Patti Refer & ...
  • SAMSUNG GALAXY J7 (2016) REVIEWS
    SAMSUNG GALAXY J7 (2016) REVIEWS
    SAMSUNG GALAXY J ...
  • Top 5 Best SmartPhones under 7000 Rs (March 2017)
    Looking for the ...
  • Apple, IBM, Cisco are huge because of Indians, do not deny them H-1B visa: RBI Governor Urjit Patel
    ...
  • SAMSUNG GALAXY J7 (2016) Specifications
    SAMSUNG GALAXY J ...
  • BlackBerry Teases Marshmallow Beta Testing for Priv by Next Week
    Blackberry ...
  • LG Q6 Review
    LG Q6 Review
    2017 is ...

Contact Form

Name

Email *

Message *

Offers Zone

Created By Android Century Distributed by Android Century
  • Home
  • About us
  • Contact us
  • Privacy policy
  • Terms of use
  • Advertise here
Subscribe Via Email Subscribe To Android Century By Email And Get Free Updates. ;-)


Your email address is safe with us!