While the Black Friday and Cyber Monday cyberthreats are behind us, we cannot let our guard down, as ID- theft criminals continue to target new access points through the Internet of Things — for example, children’s toys.
Mattel’s Barbie Doll, the iconic doll series coveted by millions of children, has now become “smart,” and that sadly means there’s a dark side. The cybervulnerability of smart toys is all too real.
Smart toys, similar to other smart devices and appliances, connect to your home’s Wi-Fi network. This means that if compromised, criminals have a conduit into all activities on your home network. ID-theft criminals may then attempt to garner your personally identifiable information, access your home security system or listen to personal conversations through baby monitors or even the new Hello Barbie doll.
According to the Huffington Post, the new Hello Barbie doll, which connects to the Web to provide answers to your children’s questions, “uses a microphone, voice recognition software and artificial intelligence to enable a call-and-response function similar to Siri or Google Now. A free smartphone app that connects the toy to a user’s Wi-Fi network brings this Barbie into a class of technology often referred to as the Internet of Things, or IoT.”
To the credit of Mattel, the company that markets the Barbie brand, it has partnered with entertainment company ToyTalk to develop the doll’s information-security technology to minimize potential security issues and to protect consumers’ security.
However, it’s not just smart toys that create an opportunity for cybercriminals to steal our children’s information, such as names, ages and even photographs. It’s also through direct attacks on organizations where parents register their children’s information, such as VTech, a recent data-breach victim with millions of records compromised.
The VTech website advises that “4.8 million customer (parent) accounts and 6.3 million related kid profiles worldwide are affected, which includes approximately 1.2 million Kid Connect parent accounts. In addition, there are 235,000 parent and 227,000 kids accounts in PlanetVTech. Kid profiles, unlike account profiles, only include name, gender and birthdate.”
Mark’s most important: Don’t let cybercriminals steal your happy holidays by using strong and up-to-date Wi-Fi security along with strong password management.
Mark Pribish is vice president and ID-theft practice leader at Merchants Information Solutions Inc., an ID theft-background screening company based in Phoenix. Contact him at firstname.lastname@example.org.