WORCESTER (CBS) – Some of this season’s hottest toys could put your family’s privacy a risk. They are new WiFi enabled toys. The most popular of the so-called “smart toys” is Hello Barbie. The doll has conversations with a child, but also transmits the information to the manufacturers server where it’s stored.
“A lot of information that the child is providing is going outside your home to a server where it’s stored and processed,” explained Krishna Venkatasubramanian of Worcester Polytechnic Institute.
And that means, the toys can also be exposed to hackers.
Venkatasubramanian and Craig Shue, another computer security expert from WPI took a closer look at some of these WiFi enabled toys.
“On this device it says it’s kid safe internet check mark,” observed Shue. What does that mean? “Nothing,” he says. It’s all marketing.
Already this year, white hat hackers exposed a major data breach with the VTech Innotab tablet. They were able to access photos and chat logs from children.
“Nothing happened to the device as far as we know, but the server got hacked and there they found this treasure trove of data,” said Venkatasubramanian.
Shue added, “one single attack vector lets you in and for example this device might be now a recording device that’s in your home, hanging out with your child all day, uploading that information to who knows where.”
As for Hello Barbie, the Campaign for a Commercial Free Childhood calls her this year’s “worst toy.”
“To think that corporations are actually listening to those conversations, those private moments, and figuring how they can monetize that, is beyond creepy,” says Josh Golin.
It might leave parents longing for the days of simpler toys.
“I think it’s extremely concerning. I think you just have to be extremely aware of what your kids are buying and what you’re allowing your kids to utilize,” Vivian Williams said as she shopped with her toddler son.
“Thinking about someone hacking into her personal toys to get to our family info is just really crazy,” said the mom of a six year old girl.
But it’s not a trend that’s going away. Our experts say, if you decide to get one of these toys, be very careful what information your child shares. And remember, it can record anything going on in the room.
The I-Team reached out to the makers of these toys. Neither Mattel nor VTech responded.
According to their website Hello Barbie has started a bug bounty program to identify security flaws and improve safety.