Kids electronic toys may be vulnerable to hacking
hacked electronic toys

Kids electronic toys may be vulnerable to hacking

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

In recent years, we’ve seen advancements in technology hurtle forward at an incredible pace, and children’s electronic toys can sometimes be at the forefront of such developments. Many kids don’t want plain teddy bears and dolls any more; they want intelligent robots that can interact with them.

Consumer watchdog, Which?, joined up with a similar German organisation, Stiftung Warentat, and together they made the chilling discovery that a lot of popular kids electronic toys can apparently be hacked. Enlisting the help of third-party security experts, they tested seven different toys and four of them were vulnerable to hacking.

The following four failed the test:

  • CloudPet cuddly toys
  • Furby connect
  • I-Que intelligent robot
  • Toy-fi Teddy

Adults can connect some of the above toys to their phones to control them remotely and communicate with a child. These toys reportedly have unsecured Bluetooth connections which means that third parties can access the connection without a password or a PIN. Okay, hackers may need to be in fairly close proximity to tap into the Bluetooth connection, but it still allows nearby neighbours – especially in tightly packed apartments – the opportunity to hack a nearby toy with ease.

The experts managed to hack into the Furby using a laptop and uploaded their own audio file, which the Furby then played out. This means that hackers nearby could talk to children through their Furby toy.

The risk to children is horrifying as they are vulnerable and often easy to manipulate. Hackers could in theory instruct a child to do anything they want.

A similar situation reportedly played out with the I-Que Intelligent Robot. The experts simply downloaded the I-Que app, searched for a nearby device, and connected to it. From there, the experts could type anything they wanted into the text field and the robot would read it out loud.

The same Bluetooth vulnerability allowed the experts to make audio messages for the CloudPets toys and the Toy-go Teddy. Which? recommends that children do not play with these toys on their own.

Wowee Chip, a robot dog, apparently also has the same vulnerability, but experts were unable to use it to speak through it. Generally, Bluetooth connection only works within a 12 metre radius, but there are ways to extend the connection.

Back in September 2015, Smart Toy Bear was discovered to be hackable. Hackers could get into the toy’s connected app and steal the child’s name, birth date, gender and other information. After manufacturer Fisher-Price found out about the vulnerability, they quickly patched it up. One of the researchers who discovered the breach, Rod Beardsley, warned that hackers could target the family and trick them into providing more information by phishing. He also noted that parents often use children’s names as their passwords.

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.Information on how we handle your data is available in our Privacy Policy.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Contact is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon