Digital security is important in this day and age, with access from across the world to your information meaning not only you can access all that information. With big companies like TalkTalk finding out the hard way that even a single breach can cause your company untold harm to both your image and credibility. The issue is only made worse though when the information relates to the young.
VTech found out the hard way when it was revealed that their hacked data included photos and chat logs. This time up it’s the software firm known as uKnowKids. uKnowKids is a subscription-based service designed to help parents track their children’s online activity. The supposed hack is the work of none other than security researcher Chris Vickery. Vickery states that all he did was use the search engine Shodan and he managed to locate millions of text messages and images, amongst the data was around 1,700 “detailed child profiles”.
The information was apparently obtained from a database which hadn’t been password protected, meaning that it was freely accessible from the web. uKnownKids disagrees and says that the “vulnerability” was patched within 90 minutes of Vickery notifying them. The worse part is that they claim they haven’t been able to identify him as a “white hat” security researcher, someone who will identify a vulnerability and then report them and help fix the issues they find.
Steve Woda is the chief executive of uKnowKids and posted a blog stating that one of their databases “was breached by a hacker” and that “Twelve minutes after the final breach… and after taking screenshots of our intellectual property, business data, and customer data, Mr Vickery notified uKnow of his breach of our private systems”.
uKnowKids tracks youngsters online activity from text messages to social media, letting parents keep close tabs on their activity and be aware of any alerting content that could be upsetting or dangerous. It comes as no surprise then that the BBC reports that the data included a family photo, usernames and email address.
Vickery was surprised when they responded in such an aggressive way, saying that other firms would thank you for alerting them to these issues or even hire you to help fix and make sure their security was up to date.