Jump directly to the content
'HACKERS TARGETING TODDLERS'

Cuddly toy firm CloudPets publishes tens of thousands of recordings of children’s voices online

Parents unaware that messages recorded on 'smart toys' are stored in an online database

HACKERS may have harvested tens of thousands of voice recordings of young British children after a "smart" toys manufacturer posted their details online.

CloudPets have published more than two million of their customers' email addresses and passwords in an online database, security researchers have said.

 CloudPets cuddly toys speak back to children by allowing them to record and play messages
3
CloudPets cuddly toys speak back to children by allowing them to record and play messagesCredit: Cloud Pets
 The CloudPets toys, not pictured, are marketed as being a 'message you can hug'
3
The CloudPets toys, not pictured, are marketed as being a 'message you can hug'Credit: Getty Images

The researchers said that roughly 28,000 of those details would have been from the UK,

Troy Hunt, a web security researcher, said the number of affected UK parents stretches into the "many tens of thousands" when British customers with non-location emails are taken into account.

CloudPets make cuddly toys marketed as a "message you can hug" - allowing parents and children to record voice messages which are played when a button is pressed.

The stuffed toys are paired up with a mobile app.

Many parents are unaware these private audio files are also stored in an online database.

Security researchers have found that user details for 820,000 of the toys could be accessed in a public database without a password.

They also discovered that when passwords were in place they were easily guessable - such as "12345" or "password".

The concerns come after it emerged a similar toy on sale could be hacked so that children and parents could be spied on.

A watchdog in Germany urged parents to destroy the My Friend Cayla doll which uses Bluetooth to have "conversations" with children.

The toy is able to ask children up to 3,000 questions.

 Security experts are warning parents to wary of 'smart' toys that have interactive or recording features
3
Security experts are warning parents to wary of 'smart' toys that have interactive or recording featuresCredit: Getty Images

Security experts are advising parents not to buy "smart" toys unless they are willing for their personal information to be shared on a public platform.

, the manufacturer of CloudPets, said the hackers would only have been able to access recordings where they managed to guess passwords.

They also said there was no evidence any accounts had been breached.

The firm added that it had upgraded its security and was planning a password reset for its users.

No publicly accessible databases belonging to the company have been online since mid-January.

The Sun has contacted Spiral Toys for further comment.

Last month it was reported that Microsoft internet apps have a "high level" bug that allows attackers to hijack victim's browsers.

Holidaymakers were warned hackers could ruin millions of people's summers by targeting airlines.

 

Topics