Author Topic: Internet-Connected Bears Hack Exposes 2 Million Voice Messages, 800K Credentials  (Read 31 times)

0 Members and 1 Guest are viewing this topic.

Offline Quizmaster

  • Flying Nurse
  • Seasonal Competition Team
  • *
  • Posts: 23301
    • Smokey's Security Forums
  • .: Surf Queen
Internet-Connected Bears Hack Exposes 2 Million Voice Messages, 800K Credentials
28 February 2017, 1:18 pm

Everyone who has kids loves getting them the latest cool toys available, but some of them are downright dangerous, especially those that are able to connect to the Internet, such as CloudPets. In fact, these adorable little plush toys just managed to leak 800,000 user account credentials and 2 million message recordings for anyone to listen to. 

It seems that between Christmas and until the first week of January, the company behind CloudPets, Spiral Toys, left customer data on a database that wasn't protected by a firewall or a password. Search engine Shodan, often used to find unprotected websites and servers, was put to use to find the MongoDB where all the CloudPets data was stored. 

So what was exposed? Well, more than 800,000 emails and passwords. Thankfully, they were secured with bcrypt, a hashing function that's stronger and harder to crack than others more frequently used. Troy Hunt, security researcher behind Have I Been Pwned, Softpedia News / Security

>> To obtain the full Softpedia Security News article, click the link in the first post line <<


Except where otherwise stated, all content, graphics, banners and images included © 2006 - 2018 Smokey Services™ -- All rights reserved
Design board graphics, banners and images by DSTM & PseFrank

This site does not store profiling-, tracking-, third-party and/or any other non-essential cookie(s) on client computers and is fully compliant with the EU ePrivacy Directive
Smokey's does not use any Web Analytics/Analysis Service, and also does not use any browser fingerprinting techniques

Smokey's also provides free fully qualified Log / Malware Analysis & Removal Help and System Health Checks