Remember when there was nothing more innocent and incorruptible as a child’s teddy bear? For all the potential good the internet can bring, there are some things that should just not get connected, at least until we can secure data properly. The latest black eye for the “Internet of Things” (IoT) comes in the form of a line of stuffed animals that can record and relay messages back and forth between parent and child. While wholesome and lovely in theory, the whole implementation is undermined by poor security and what appears to be a non-trivial amount of carelessness, all the ingredients for a disastrous internet breach. Reports vary, but anywhere from 500k-800k “users” data was exposed to an unknowable number of unauthorized eyes. This data included both identifying information as well as the actual voice messages from both adults and children.
What this means for you:
If you happened to be the (no longer) proud owner of a CloudPet, you have the unenviable responsibility of trying to explain to your child why they can’t use the thing that made this toy special. Hopefully it won’t be traumatizing. While you may be able to enjoy some schadenfreude from the possibility that the company appears well on it’s way to failure, this also means that there will be no recourse or recompense for saddling you with a toy that violated your family’s privacy. Not a CloudPet user? Regardless if you are a parent, relative or even just a friend, think twice before giving a small child an internet-connected toy. Very clearly, we, and the internet, are not ready for such a thing.