Knowledge

CloudPets

Source 📝

68:
requirements on users of the service—they had previously not enforced any password complexity requirements and their documentation had suggested short, weak passwords. Numerous journalists and security researchers including Hunt noted that the company was non-responsive to disclosures from security
37:
Security researchers demonstrated that the toy itself was insecure and could be trivially accessed via Bluetooth. The personal records of over 820,000 owners of the toy were stored in an insecure
134: 338: 57:, a database of users whose data has been compromised. The database of user records also contained links pointing to over 2.2 million audio files hosted on 279: 167: 34:
to connect to a parent's smartphone to allow distant family members to send voice messages to the toy, and allow children to send voice messages back.
109: 142: 254: 26:
manufactured by now defunct Spiral Toys that was the subject of numerous security vulnerabilities in February 2017. The plush
205: 318: 328: 61:
containing the voice messages sent to and from the toys. Hunt stated that the database hack was "ridiculously easy".
343: 333: 323: 313: 308: 58: 54: 49:
address. Data retrieved from the CloudPets database was sent to the Australian security researcher
83: 175: 78: 280:"Millions Of Private Messages Between Parents And Kids Hacked In Cloud Pets Security Breach" 88: 64:
Following disclosure of security vulnerabilities, CloudPets started enforcing stronger
302: 229: 27: 179: 50: 31: 65: 23: 46: 38: 206:"Stuffed toys leak millions of voice recordings from kids and parents" 110:"The Latest Privacy Nightmare For Parents: Data Leaks From Smart Toys" 42: 255:"CloudPets' data breach underlines need for secure cloud apps" 168:"CloudPets stuffed toys leak details of half a million users" 135:"Smart teddy bears involved in a contentious data breach" 41:
database. Attackers also replaced the database with a
230:"Children's messages in CloudPets data breach" 8: 69:researchers and enquiries from journalists. 91:, another Internet-connected children's toy 100: 7: 199: 197: 195: 161: 159: 339:Criticisms of software and websites 14: 16:Internet-connected soft toy line 1: 204:Larson, Selena (2017-02-27). 278:Cooper, Luke (2017-02-28). 360: 22:was an Internet-connected 166:Hern, Alex (2017-02-28). 45:demand pointing to a 319:Hacking in the 2010s 59:Amazon Web Services 53:who included it in 329:Internet of things 84:Internet of things 55:Have I Been Pwned? 344:Toy controversies 79:Computer security 30:-style toys used 351: 294: 293: 291: 290: 275: 269: 268: 266: 265: 251: 245: 244: 242: 241: 226: 220: 219: 217: 216: 201: 190: 189: 187: 186: 163: 154: 153: 151: 150: 145:on March 1, 2017 141:. Archived from 130: 124: 123: 121: 120: 105: 359: 358: 354: 353: 352: 350: 349: 348: 334:Electronic toys 299: 298: 297: 288: 286: 284:Huffington Post 277: 276: 272: 263: 261: 253: 252: 248: 239: 237: 228: 227: 223: 214: 212: 203: 202: 193: 184: 182: 165: 164: 157: 148: 146: 132: 131: 127: 118: 116: 107: 106: 102: 98: 89:My Friend Cayla 75: 17: 12: 11: 5: 357: 355: 347: 346: 341: 336: 331: 326: 321: 316: 311: 301: 300: 296: 295: 270: 259:ComputerWeekly 246: 221: 191: 155: 133:Kan, Michael. 125: 108:Mathews, Lee. 99: 97: 94: 93: 92: 86: 81: 74: 71: 15: 13: 10: 9: 6: 4: 3: 2: 356: 345: 342: 340: 337: 335: 332: 330: 327: 325: 322: 320: 317: 315: 312: 310: 307: 306: 304: 285: 281: 274: 271: 260: 256: 250: 247: 235: 231: 225: 222: 211: 207: 200: 198: 196: 192: 181: 177: 173: 169: 162: 160: 156: 144: 140: 139:Network World 136: 129: 126: 115: 111: 104: 101: 95: 90: 87: 85: 82: 80: 77: 76: 72: 70: 67: 62: 60: 56: 52: 48: 44: 40: 35: 33: 29: 25: 21: 324:Cyberattacks 287:. Retrieved 283: 273: 262:. Retrieved 258: 249: 238:. Retrieved 236:. 2017-02-28 233: 224: 213:. Retrieved 209: 183:. Retrieved 172:The Guardian 171: 147:. Retrieved 143:the original 138: 128: 117:. Retrieved 113: 103: 63: 36: 19: 18: 314:Teddy bears 309:2010s toys 303:Categories 289:2017-08-06 264:2017-08-06 240:2017-08-06 215:2017-08-06 185:2017-08-06 149:2017-08-06 119:2017-08-06 96:References 28:teddy bear 180:0261-3077 51:Troy Hunt 32:Bluetooth 20:CloudPets 234:BBC News 210:CNNMoney 73:See also 66:password 24:soft toy 47:Bitcoin 39:MongoDB 178:  114:Forbes 43:ransom 176:ISSN 305:: 282:. 257:. 232:. 208:. 194:^ 174:. 170:. 158:^ 137:. 112:. 292:. 267:. 243:. 218:. 188:. 152:. 122:.

Index

soft toy
teddy bear
Bluetooth
MongoDB
ransom
Bitcoin
Troy Hunt
Have I Been Pwned?
Amazon Web Services
password
Computer security
Internet of things
My Friend Cayla
"The Latest Privacy Nightmare For Parents: Data Leaks From Smart Toys"
"Smart teddy bears involved in a contentious data breach"
the original


"CloudPets stuffed toys leak details of half a million users"
ISSN
0261-3077



"Stuffed toys leak millions of voice recordings from kids and parents"
"Children's messages in CloudPets data breach"
"CloudPets' data breach underlines need for secure cloud apps"
"Millions Of Private Messages Between Parents And Kids Hacked In Cloud Pets Security Breach"
Categories
2010s toys

Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.