• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Consumer   »   Understanding the Risks of the VTech Data Breach

Understanding the Risks of the VTech Data Breach

  • Posted on:December 1, 2015
  • Posted in:Consumer, Cybercrime, Security
  • Posted by:Christopher Budd (Global Threat Communications)
0

Over the Thanksgiving holiday, the children’s electronic toy maker VTech confirmed a data breach that affects nearly 5 million parents and 200,000 children around the world.

The latest reports indicate that this data breach includes names and addresses of parents, names and ages of children, as well as videos, pictures, audio files, and chat logs. Independent analysis of the stolen data shows that it’s possible for all of the stolen information to be knit together, so attackers can potentially associate pictures, videos, audio files, and chat logs with specific children, their parents and home addresses.

In a worst case scenario, this means that the stolen data could be used to build profiles of children that include their name, age, parent’s name, home address, and from chat logs, information that only a trusted adult would know, such as a child’s favorite toy and the name of their siblings.

Right now, there is no indication that the worst case has happened – the attacker behind this data breach claims they are holding the data securely and won’t sell it. In addition, there’s no sign of this data on criminal undergrounds that we monitor. But that could always change.

What Parents Should Do

If you’re the parent of a child that’s used VTech devices, be aware of this situation and watch for more information from VTech on their website. Thus far, VTech hasn’t provided a great deal of information but this could change as more details emerge.  Additionally, be vigilant for phishing attempts against yourselves and your children. Products like Trend Micro™ Security have built in anti-phishing capabilities that can help safeguard your systems and devices against such attacks.

Even if your children haven’t used VTech devices, you should take time now and reexamine what information you provide about yourself and your children online. Even if your child isn’t online themselves, as a parent you are likely already building up their digital footprint, and this incident shows what can happen when that data is stolen.

When posting information about your children, all parents should ask themselves, “What’s the worst that could happen if this is made public?” If you answer isn’t a good one, don’t post it. In particular, don’t post pictures and videos that are tied to your child’s identity, provide information about your child’s physical location, or information that could make a stranger seem like a trusted adult.

This is advice not just for parents but for everyone that is responsible for the safety and well-being of children. Grandparents, aunts, uncles, family friends – everyone is responsible for ensuring the online safety of the children they care for by being mindful of the digital footprint they’re building for them.

With kids growing up in this interconnected world, it is imperative parents and guardians educate their children on potential online dangers, as well as prevent and protect their personal identifiable information from harm. For more family safety tips, click here.

Since 2008, Trend Micro’s Internet Safety for Kids & Families has been enabling and empowering kids, parents, teachers, and schools around the world to make the Internet a safe and secure place for today’s youth. You can access a wealth of information on our site.

As always, we will watch this situation and provide any updates as more information comes out.

Please add your thoughts in the comments below or follow me on Twitter; @ChristopherBudd.

Related posts:

  1. Back to School – but the Online Risks are the Same
  2. What Can Defenders Learn From VTech?
  3. Ensuring Internet Safety for Kids Requires Careful Mix
  4. Kids and Internet Safety: How Parents Should Have ‘The Conversation’

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Trend Micro Offerings Are FedRAMP Authorized and Available on AWS
  • Fujitsu and Trend Micro Demonstrate Solution To Secure Private 5G
  • Trend Micro Receives 5-Star Rating in 2021 CRN® Partner Program Guide
  • Smart Factory Cyber Attacks Knock Out Production for Days
  • Eliminate Hesitations: Security Simplified For Those Building In The Cloud
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.