“A company that sells ‘smart’ teddy bears leaked 800,000 user account credentials — and then hackers locked it and held it for ransom,” Lorenzo Franceschi-Bicchierai reports for Motherboard.
“A company that sells internet-connected teddy bears that allow kids and their far-away parents to exchange heartfelt messages left more than 800,000 customer credentials, as well as two million message recordings, totally exposed online for anyone to see and listen,” Franceschi-Bicchierai reports. “Since Christmas day of last year and at least until the first week of January, Spiral Toys left customer data of its CloudPets brand on a database that wasn’t behind a firewall or password-protected.”
“During the time the data was exposed, at least two security researchers, and likely malicious hackers, got their hands on it,” Franceschi-Bicchierai reports. “In fact, at the beginning of January, during the time several cybercriminals were actively scanning the internet for exposed MongoDB’s databases to delete their data and hold it for ransom, CloudPets’ data was overwritten twice, according to researchers.”
Read more in the full article here.
About Post Author
Share this via:
