The Guardian by Danny Hadron
Security researchers have found a flaw in the Smart Toy internet-connected teddy bear that used a child’s name, birthday and gender
Naturally, it’s hackable.
Researchers at Rapid7, a Boston-based security company, found that the app connected to the Fisher-Price toy had several security flaws that would allow a hacker to steal a child’s name, birthdate and gender, along with other data. The toymaker encourages parents to use the app so that the toy can better interact with children.
Fisher-Price has since fixed the issue, Rapid7 said.
In a statement, Fisher Price said: “We recently learned of a security vulnerability with our Fisher-Price WiFi-connected Smart Toy Bear. We have remediated the situation and have no reason to believe that customer information was accessed by any unauthorized person. […]
“We have remediated the situation and have no reason to believe that customer information was accessed by any unauthorized person.” That is, of course, until they find out otherwise or it becomes public knowledge.
“Smart products” leave the consumer vulnerable to spying, phishing, data mining, and fraud. Translation: These items are VERY hackable.