Tech Toy Maker Hack Exposed Data on 5 Million Customers

The Hong Kong-based electronics giant confirmed in a statement that a November 14 hack of its "Learning Lodge" app store database betrayed the intimate details of almost 5 million adult customer accounts, including IP and email addresses, passwords, login secret questions and answers and device download histories.

"When it's hundreds of thousands of children including their names, genders and birthdates, that's off the charts", he said. Hackers gained access to VTech's Learning Lodge website, where parents can download apps, e-books and other materials for their toys.

According to "Have I been Pwned", a website dedicated to detailing the Internet's worst data breaches, the VTech hack is the fourth largest consumer data breach to date. The company also states that it's now reaching out to individual customers listed in the database via email, telling them of the hacking and the possibility of their exposed information. "We received an email from a Canadian journalist asking about the incident on November 23 EST", the company says in a FAQ for affected customers.

Chester Wisniewski, a senior security adviser at Sophos Canada in Vancouver, says VTech customers should not be completely reassured simply because no credit card numbers were exposed.

The company emphasizes that its Learning Lodge customer database does not store credit card information and any personal identification data like ID card numbers, driving license numbers, and Social Security numbers.

There remains no evidence the hacker in the breach is seeking to profit from the data or cause harm to those affected.

Vtech makes many technology products with cameras, such as child-friendly tablet computers and a smartwatch, which can be used to chat with parents.

Is Vtech contacting affected customers? The company has not yet responded to a request for comment on this story from FoxNews.com.

The hack impacted worldwide users of VTech's app store, Learning Lodge, which has been temporarily shut down while an investigation is ongoing.

VTech was slow to respond to reports of the hack when they first appeared on Friday.

After working closely with Motherboard, Australian security specialist Troy Hunt wrote a blog post on Saturday, explaining that Vtech had very poor security protocols in place.