More than a year after CloudPets connected teddy bears were found to have exposed 2.2 million voice recordings between parents and their children in a significant data breach, Amazon, Target and Walmart have pulled the toys from their online markets. But it’s the installed base of the connected cuddlies that should be of greater concern.
Connected toys and their attendant security concerns typically make the most news around the holidays, but a recent security audit shows that privacy problems are an evergreen issue. Working with cybersecurity research firm Cure53, Mozilla recently found unfixed and new vulnerabilities in the discontinued toys — which prompted the Electronic Frontier Foundation (EFF) on May 28, 2018 to write a letter [PDF] to major retailers in concern.
Leave a reply