Monday, November 28, 2016

Coal for the "cyber bad guys"

Today, one year ago...

“Dear Wise Men… This year I have been a very good child and I would like to ask you for an electronic toy which I can connect to the Internet, play with, send photos and write chats…”. If your son begins this way the letter to the Three Wise Men or Santa Claus, perhaps it’s time to sit down with him or her to talk about a very serious issue: cybersecurity.  

Just a year ago, VTech, China’s smart toy company, suffered a cyberattack that triggered the data leak of 6.5 million children accounts worldwide and 5 million accounts from their parents. According to the journalist who published the scandal, in the leaked information there were emails, passwords, IP addresses, birth dates, chats history, physical addresses and a huge amount of photographs, in total: 190 GB of images.

Nevertheless, the company tried to calm down the big commotion by assuring users that their credit card numbers were safe. The problem had affected several countries: the United States, France, the United Kingdom, Germany, Canada and Spain, among others.

On December 15th, the police arrested a 21-year-old boy in Berkshire, England, as the alleged suspect in the case. One year later we don’t know anything else; whether he is guilty or innocent. The investigation is still going on.

Due to the leak, VTech changed its Terms and Conditions section in a way that has not convinced customers. “No online company can guarantee 100% that they will not be hacked”, so they warn parents that: “All the information submitted through our apps may not be secure and may be intercepted by unauthorized parties. Therefore, by accepting these conditions, you assume full responsibility for your web browsing and the software you download”.
In other words, if the company suffers another cyberattack in the future, parents won’t be able to complain about it because they agreed to the terms. “Forewarned is forearmed”, that’s what the person who wrote the text may have thought.

Image Source: BBC / Scott Helme

Soon, many security experts described the action as ‘arrogant, unforgivable and ignorant’, and as a way of not taking responsibility for future data leaks. 

Today, it is worth checking the Frequently Asked Questions section on VTech website, updated periodically (last time was on November 17th, 2016). There, they try to answer to 23 questions about how the data breach happened, which information was involved and how many clients were affected by countries.

Dear Wise Men. This year I have been a good child and I would like you to bring me a book to read, those with pages, that will make my parents happy. But I also want to ask you for an electronic toy which I can connect to the Internet, play with, send photos and write chats… And, oh yes, bring coal to the cyber-bad guys! Thanks and Merry Christmas.

Maybe your conversation about cybersecurity with your son or daughter doesn’t have much effect on them, but that’s why we are their parents and it’s us who must watch over their safety.

Main image source: IStockPhoto


Post a Comment