“A company that sells ‘smart’ teddy bears leaked 800,000 user account credentials — and then hackers locked it and held it for ransom,” Lorenzo Franceschi-Bicchierai reports for Motherboard.
“A company that sells internet-connected teddy bears that allow kids and their far-away parents to exchange heartfelt messages left more than 800,000 customer credentials, as well as two million message recordings, totally exposed online for anyone to see and listen,” Franceschi-Bicchierai reports. “Since Christmas day of last year and at least until the first week of January, Spiral Toys left customer data of its CloudPets brand on a database that wasn’t behind a firewall or password-protected.”
“During the time the data was exposed, at least two security researchers, and likely malicious hackers, got their hands on it,” Franceschi-Bicchierai reports. “In fact, at the beginning of January, during the time several cybercriminals were actively scanning the internet for exposed MongoDB’s databases to delete their data and hold it for ransom, CloudPets’ data was overwritten twice, according to researchers.”
Read more in the full article here.
MacDailyNews Take: As we often say: If it’s not HomeKit-compatible, it’s not going in our homes or offices.
SEE ALSO:
DDoS attack: Apple’s HomeKit for a safer smarthome – October 24, 2016
Honeywell unveils Apple HomeKit-compatible Lyric T5 Wi-Fi thermostat – September 27, 2016
Google’s flaky Nest thermostat shakes users’ trust in the Internet of Things – January 19, 2016
Google’s Nest thermostat bug leaves users cold, angry – January 14, 2016
Honeywell announces ‘Lyric Round’ smart thermostat with Apple HomeKit integration – January 5, 2016
Apple HomeKit-compatible thermostat Ecobee closes in on Google’s Nest – September 28, 2015
Apple pulls Google’s Nest thermostat from stores with launch of HomeKit-compatible Ecobee 3 – July 23, 2015
First Apple-certified HomeKit-compliant devices launch – June 2, 2015
Google engineer trashes Tony Fadell’s precious Nest smoke alarm – February 19, 2015
With HomeKit and Honeywell’s Lyric, a Nest acquisition by Apple would have been foolish – June 18, 2014
Will Apple’s Internet of Things vision hurt a beautiful idea? With HomeKit, Apple promises easy home automation – June 6, 2014
Smart thermostat war heats up as Apple-partner Honeywell takes aim at Google’s Nest – June 13, 2014
Honeywell takes dead aim at Google’s Nest with new iPhone-compatible Lyric smart thermostat – June 10, 2014
Google to SEC: We could serve ads on thermostats, refrigerators, car dashboards, and more – May 21, 2014
Dead to me: Apple’s Schiller ‘unfollows’ Tony Fadell and Nest after Google acquisition – January 18, 201
Cocoa Boy ain’t gonna like this.
Off topic somewhat but for some reason Pedo Bear entered my thoughts.
Nice. Very nice. Big brother bear is listening.
Are you sure Google is not somehow connected with that s scheme?
Wasn’t that smart then, after all.
At least the Bears weren’t refining uranium!
IoT = Internet of (insecure) Trash at this point in time. Expect IoT devices to be DANGEROUS. The vast majority of devices are not remotely ready for prime time. The ARE ready for prime hacking. Not a joke.
How to mitigate security risks associated with IoT
It is clear there is an awful lot to do when it comes to addressing the cyber risks that the use of smart devices introduces to businesses and consumer households alike. Currently, it seems that from a security standpoint, the IoT represents a retrograde step in cyber risk management.
Back in 2010, Steve Jobs was invited to D8 Conference, and he was asked to talk about privacy. His take was pretty clear: “We worry about location in phones and we worry that some 14 year old is going to get stalked because of our phone, so before any app can get their location data, we don’t make a rule that they can put up a panel and ask for that. They make a call and we put up a panel saying this app wants to use your location data. Is that OK? And we do that every time. We have rejected a lot of apps that want to take a lot of personal data and suck it up into the cloud. We are old fashioned about privacy.”
[Source: http://news.softpedia.com/news/siri-vs-google-assistant-the-virtual-assistants-battle-is-all-about-privacy-504712.shtml%5D