Mar 1, 2017
A security vulnerability allowed anyone to view personal information, photos and recordings of children's voices from CloudPets toys.
seen from United States
seen from Germany
seen from China
seen from Germany
seen from China
seen from Canada
seen from United Kingdom
seen from Netherlands
seen from United States
seen from United States
seen from Australia
seen from China
seen from Netherlands
seen from Canada
seen from China
seen from China
seen from Syria
seen from Netherlands
seen from Denmark
seen from Mexico
A security vulnerability allowed anyone to view personal information, photos and recordings of children's voices from CloudPets toys.
Does anyone else have CloudPets?
I found this guy in storage, and I did some research on the brand. '^'
Apparently, CloudPets used Bluetooth to connect to a parent's smartphone, allowing distant family members to send voice messages to the toy, and allowing children to send voice messages back.
Which is probably the reason for these buttons on their paws. :3
Did anyone have this toy as a kid? >_<
Amazon and eBay pull CloudPets smart toys from sale
Amazon and eBay pull CloudPets smart toys from sale
[ad_1]
Image copyright Spiral Toys
Image caption Owners controlled audio recordings by pressing the toys’ paws
Amazon and eBay are among retailers pulling a brand of cuddly smart toys from sale after warnings they pose a cyber-security threat.
Concerns were raised about CloudPets…
View On WordPress
Anyone would think it's just been Christmas 😂 . . . . #toycorner #playtime #vtech #disneybaby #fisherprice #cloudpets #leapfrog #paddingtonbear #toys #luckygirl #christmaspresents #lucky
Only a couple of weeks ago, there were a lot of news headlines about how Germany had banned an internet-connected doll called "Cayla" over fears hackers could target children. One of their primary concerns was the potential risk to the privacy of children:
[Parents] don't necessarily realise that every one of those recordings – those intimate, heartfelt, extremely personal recordings – between a parent and their child is stored as an audio file on the web. They certainly wouldn't realise that in CloudPets' case, that data was stored in a MongoDB that was in a publicly facing network segment without any authentication required and had been indexed by Shodan (a popular search engine for finding connected things). Unfortunately, things only went downhill from there.
CloudPets’ data breach underlines need for secure cloud apps
CloudPets’ data breach underlines need for secure cloud apps
The leak of nearly two.2 million voice recordings of youngsters and oldsters, email addresses and passwords from a MongoDB info was uncovered by Troy Hunt, WHO runs the HaveIBeenPwned website. The internet of things (IoT) toy concerned is a part of Spiral Toys’ CloudPets vary of connected stuffed toys designed to change folks and kids to remain in contact through voice messages. The poorly…
View On WordPress
IoT Risks Are Worrisome, with Hacked Toys and Privacy in Harm's Way
IoT Risks Are Worrisome, with Hacked Toys and Privacy in Harm’s Way
An information containing account data used by children’s stuffed toys has been hacked, exposing the private details of many thousands of fogeys and their kids. The latest security debacle comes courtesy of toys known as CloudPets. Marketed as “the message you’ll be able to hug,” the Bluetooth-enabled stuffed animals area unit connected to a cloud server, permitting oldsters and youngsters to…
View On WordPress
Stuffed toys leak millions of voice recordings from kids and parents
CloudPets stuffed animals are toys which can connect to a mobile device to send messages, videos and audio clips to family members. However, investigators have found that the database where these clips are stored is not very secure and does not require authentication for access. CloudPets appears to be unresponsive on this matter.
http://money.cnn.com/2017/02/27/technology/cloudpets-data-leak-voices-photos/index.html