INDEX

Consumer Reports Will Begin Evaluating Connected Products for Privacy and Data Security

by Ryan Harbison | 1Q 2017 | IN-4489

On February 28, 2017, Australian web security expert Troy Hunt revealed that Spiral Toys, the maker of the CloudPets line of stuffed animals, inadvertently exposed over 2 million voice recordings of users, in addition to e-mail addresses and password information for over 800,000 accounts. This hack was due to Spiral Toys using an Amazon-hosted service with no authorization required to store the recordings, along with the CloudPets service having overly permissive password policies. This is not the first time that connected toy products exposed the information of parents and their children. In November 2015, the VTech hack exposed the personal information of nearly 5 million adults and 200,000 children. As a direct result of these hacks and others, Consumer Reports announced in early March (2017) that it was going to begin evaluating connected products and services for privacy and data security. Additionally, Consumer Reports announced that it would create standards and test protocols for these connected products because the government is not adequately addressing the problems with these devices in the marketplace.

You must be a subscriber to view this Insight.

To find out more about subscribing:
Contact a representative about purchasing options.