While it seems that cyber hacking stories make headlines on a daily basis, we do not often hear about the hacking of children’s data. Well, that is exactly what happened last month at the VTech company, and now British authorities have identified and arrested a 21-year old man in the country’s capital. The VTech hack exposed the data of almost 6.5 million children and compromised the accounts of millions of more adults.
Authorities have not yet released the name of the suspect. But, a regional cybercrime unit said in a statement on Tuesday that the man is being held for allegedly violating the United Kingdom’s Computer Misuse Act of 1990.
The cyber attack struck VTech, a Hong Kong-based company specializing in educational tools and digital toys for children, including apps and tablets. Specifically, the database of VTech’s “Learning Lodge” app was breached in the attack. The hack resulted in the exposure of the profiles of 6.4 million children and the accounts of 5 million parents.
Moreover, the “Planet VTech” accounts of 228,000 children and 236,000 parents were compromised. The fact that children’s data was hacked and exposed gives this cyberattack a unique face.
The information from parents’ accounts that were hacked include names, passwords (and their secret questions and answers), IP addresses, mailing addresses, email addresses and Internet download histories.
While VTech reported that the “only” information stolen from the children’s profiles included names, birthdates and genders, that did little to assuage the concerns and fears of both parents and government officials. It is unknown at this time (to the public at least) whether photographs, video chats or any other information related to children’s accounts were also stolen.
The vast majority of affected accounts belonged to children and parents in the United States, the United Kingdom, France and Germany. Law enforcement agencies from these countries as well as Hong Kong are investigating the information breach.