Sign up to our newsletter
The VTech data breach has been revealed to be far more severe than originally thought, with over 10 million people now known to be affected.
In a recent update on its website, the company revealed that 6.4 million children and 4.9 million adults have had their accounts compromised.
Information that has been accessed includes names, email addresses, mailing addresses, download history and encrypted passwords.
While it has been widely reported that pictures and chat logs have also been obtained by the individual behind the breach, VTech remains tightlipped on the matter.
It stated that as the investigation into the incident is ongoing, it is unable to confirm this. However, it did say that the images are encrypted by AES128.
The specialist electronic toys and technology company also confirmed that the attack is global in scope.
Affected countries include Canada, the UK, France, Germany, Spain, Latin America, Hong Kong, China, Australia and the US. The latter is the worst hit.“Our Learning Lodge, Kid Connect and PlanetVTech databases were not as secure as they should have been.”
“Regretfully our Learning Lodge, Kid Connect and PlanetVTech databases were not as secure as they should have been,” VTech admitted.
“Upon discovering the breach, we immediately conducted a comprehensive check of the affected site and have taken thorough actions against future attacks.”
Despite the fact that all passwords are encrypted, it has nevertheless urged customers to change them, as well as for other sites where they may have used the same username and password combination.
VTech said that it presently believes that none of the compromised “data has been used or distributed criminally”.
“We have appointed data security legal specialists who are in the process of liaising with local authorities,” the company went on to say.
“We are committed to learning from this incident – making the necessary improvements to our network security.”
Author Narinder Purba, We Live Security