Parents around the world have been understandably shaken by the hacking of a VTech database containing information on the more than 6 million children who use the company's toys (You can read the story here). But what's a parent to do? Internet-connected toys such as VTech's tablets, which ask parents to create personalized profiles for their children, continue to grow in popularity and are expected on many holiday gift lifts this season.
Here are some answers to common questions about VTech's breach and how to protect your kids' information online:
What kind of information did hackers access in the VTech breach?
The attack compromised the profiles of 6.4 million kids around the world, along with the 4.9 million parent accounts that they were connected to. The parental accounts included names, email addresses, secret questions and answers for password retrieval, numeric Internet Protocol addresses, mailing addresses, download histories and encrypted passwords. But information in the children's accounts was restricted to names, ages and genders, the Hong Kong-based company says. Some reports suggested that photos of children and chats between kids and their parents might also have been accessed, but VTech Holdings Ltd. says it's still investigating and can't confirm that yet.
Why is this a big deal?
The worry is that even basic pieces of information could allow nefarious people to start building profiles of children, potentially setting them up for identity theft or worse down the road. David Dewey, director of research for Pindrop Security, says kids have no credit history and their parents generally aren't checking their credit reports, making them easy targets.
"Fraud could go undetected for years, till they try to open what they think is their first credit card account," says Dewey, also a father to a pair of elementary school-aged girls.
While the worst case scenario would be for the information to be used to kidnap a child, the scenario of a "virtual kidnapping" is more likely, he says.
Is it safe to enter information about my kids into toys like these?
Parents have become very accustomed to handing over personal information to companies in order to get a more personalized experience, whether they're setting up a kid's toy or signing up for Netflix. But there's always a chance that the database where it's stored could be hacked. Parents have to weigh the importance of the information they're giving up against the benefits of having it collected.
Mark Nunnikhoven, vice president of cloud research for the IT security company Trend Micro, notes that when it comes to toys like VTech's, there's nothing stopping you from setting up your child's account with a different name, fake picture and other false information. And most of the time, you can refuse to provide it all together.
What about social media?
It's not realistic to expect most parents to stop posting childhood milestones on Facebook. Social media is often the most efficient way to share pictures and videos with friends and family who live far away. But Nunnikhoven, also a father to two young kids, says it's important that parents monitor their privacy settings and make sure that what their posting is only going to friends and family. Parents also should think twice before posting pictures of events like school outings and concerts where there are other children involved. And it's generally a good idea to stay away from Twitter, which basically broadcasts your information to the entire world, he says.
What about tweets and teens with their own accounts? Is it even possible to control them?
Nunnikhoven says that like any other tough issue you talk about with your kids, the important thing is to keep talking about it.
"Not only are the children changing faster than we would like, so is the technology," he says. "As a parent, you need to stay on top of those things."
Source: CBS News
No comments:
Post a Comment