Last week children’s toy manufacturer VTech suffered a data breach, and today the company announced its magnitude: five million customers’ data.
According to the company, an “unauthorized party” hacked into its “Learning Lodge” app store database—a VTech service where customers download games, e-books, and to their toys—which contains email addresses, passwords, security questions, IP addresses, mailing addresses, and download history. In addition to the adult information, the database contains children’s names, genders, and birthdays.
Despite the severity of this data breach, it did not contain social security numbers, license numbers, or credit card numbers. VTech uses a third party for payments, so it does not have that information.
In a press release, the company said it has contacted the “every account holder in the database” and opened up contact emails for people with questions. For US customers, that email is “email@example.com“.
VTech toys include a smartwatch for kids, Disney-themed educational software and the InnoTV wireless gaming system. The Learning Lodge is currently suspended for the time being, as security is stepped up.