{"id":7371,"date":"2017-02-28T09:25:51","date_gmt":"2017-02-28T08:25:51","guid":{"rendered":"https:\/\/edorteam.com\/security-breach-in-toy-company\/"},"modified":"2021-08-20T10:33:44","modified_gmt":"2021-08-20T08:33:44","slug":"security-breach-in-toy-company","status":"publish","type":"post","link":"https:\/\/edorteam.com\/en\/security-breach-in-toy-company\/","title":{"rendered":"Security breach in toy company"},"content":{"rendered":"

[et_pb_section admin_label=”section”][et_pb_row admin_label=”row”][et_pb_column type=”4_4″][et_pb_text admin_label=”Texto” background_layout=”light” text_orientation=”left” use_border_color=”off” border_color=”#ffffff” border_style=”solid”]<\/p>\n

Who Forewarned is forearmed<\/h2>\n

This past Christmas campaign we found in the media as The country<\/a> or 20 minutes<\/a> , different articles referring to toys that had as a differentiating element, the ability to record conversations to later offer interaction with them.<\/p>\n

These media articles warned of the potential risk of this data collection in the form of children’s conversations. A user with an advanced level, could gain access to these records and have this type of data available. A priori it does not seem that they can cause any damage, but they can be used to simulate false kidnappings among other cases that we cannot even imagine. The working method does not differ much from services such as Siri or Google Now, in which our voice is recorded to perform operations on the device.<\/p>\n

[\/et_pb_text][et_pb_image admin_label=”Osos vulnerables” src=”https:\/\/edorteam.com\/wp-content\/uploads\/cp-top-glow.jpg” alt=”unsecured teddy bears that do not comply with the lopd” show_in_lightbox=”off” url_new_window=”off” use_overlay=”off” animation=”off” sticky=”off” align=”center” force_fullwidth=”off” always_center_on_mobile=”on” use_border_color=”off” border_color=”#ffffff” border_style=”solid” \/][et_pb_text admin_label=”El caso” background_layout=”light” text_orientation=”left” use_border_color=”off” border_color=”#ffffff” border_style=”solid”]<\/p>\n

Exposure of personal data on toys<\/h2>\n

The case that we find is mentioned and analyzed in depth in https:\/\/www.troyhunt.com\/data-from-connected-cloudpets-teddy-bears-leaked-and-ransomed-exposing-kids-voice-messages\/<\/a>[Ingl\u00e9s] it was the worst possible expectation.<\/p>\n

It should be noted that in the United States, they do not have a couple law<\/a> to the Personal Data Protection Law (LOPD), but each state has different regulations by state and in some cases they may contradict each other.<\/p>\n

To put us in context, the toy in question is a stuffed animal where parents and authorized relatives can leave messages for children so that they can receive them while we are at work or are away from them. The company CloudPets, due to poor security measures and implementation of the service, has caused the exposure of the data of its customers, including their email addresses and about 2.2 million audio records of parents and relatives with their sons.<\/p>\n

[\/et_pb_text][et_pb_text admin_label=”Conclusiones” background_layout=”light” text_orientation=”left” use_border_color=”off” border_color=”#ffffff” border_style=”solid”]<\/p>\n

Conclusions<\/h2>\n

Applied security and software engineering work aside is worthy of a novice, it is a serious violation of the privacy principle that a children’s toy should have. Access to this data is as simple as entering the url associated with the resource and without any impediment we will have access to it.<\/p>\n

In summary and in order not to lengthen ourselves, personal data protection regulations such as those we have in Europe and Spain, with the LOPD may seem a nuisance from the point of view of companies. A bureaucratic procedure that we can carry out with no other objective than to avoid possible fines by complying with the minimum and forget about it until the next review.<\/p>\n

The protection of personal data must be incorporated at all levels in our productive activity since it benefits us all. A gazapo like the one we find in this toy company, apart from being worthy of the corresponding fine, should never have been produced if a protocol such as the one we have in our country with the LOPD had been applied in this American company.<\/p>\n

[\/et_pb_text][et_pb_text admin_label=”Promo” background_layout=”light” text_orientation=”left” use_border_color=”off” border_color=”#ffffff” border_style=”solid”]<\/p>\n

At Edor Team Soft SL, we have a team of experts who can advise you on your projects, IT or not, when applying the IT security measures that your company requires, depending on the level of confidentiality of the data processed. Consult us without obligation<\/p>\n

[\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"

Who Forewarned is forearmed This past Christmas campaign we found in the media as The country or 20 minutes , different articles referring to toys that had as a differentiating element, the ability to record conversations to later offer interaction with them. These media articles warned of the potential risk of this data collection in […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[30,110],"tags":[],"class_list":["post-7371","post","type-post","status-publish","format-standard","hentry","category-ciberseguridad","category-cybersecurity"],"yoast_head":"\nSecurity breach in toy company - Edorteam<\/title>\n<meta name=\"description\" content=\"We have echoed a case of neglect in the application of security measures and LOPD with the exposure of personal data in toys for children.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/edorteam.com\/en\/security-breach-in-toy-company\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Security breach in toy company - Edorteam\" \/>\n<meta property=\"og:description\" content=\"We have echoed a case of neglect in the application of security measures and LOPD with the exposure of personal data in toys for children.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/edorteam.com\/en\/security-breach-in-toy-company\/\" \/>\n<meta property=\"og:site_name\" content=\"Edorteam\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/edorteam\/\" \/>\n<meta property=\"article:published_time\" content=\"2017-02-28T08:25:51+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-08-20T08:33:44+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/edorteam.com\/wp-content\/uploads\/cumplimiento-legal-empresas-abogado.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1000\" \/>\n\t<meta property=\"og:image:height\" content=\"598\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Edorteam\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@edorteam\" \/>\n<meta name=\"twitter:site\" content=\"@edorteam\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Edorteam\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/edorteam.com\/en\/security-breach-in-toy-company\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/edorteam.com\/en\/security-breach-in-toy-company\/\"},\"author\":{\"name\":\"Edorteam\",\"@id\":\"https:\/\/edorteam.com\/en\/#\/schema\/person\/8d561d676383bddf2086b1de4aec37b6\"},\"headline\":\"Security breach in toy company\",\"datePublished\":\"2017-02-28T08:25:51+00:00\",\"dateModified\":\"2021-08-20T08:33:44+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/edorteam.com\/en\/security-breach-in-toy-company\/\"},\"wordCount\":706,\"commentCount\":18,\"publisher\":{\"@id\":\"https:\/\/edorteam.com\/en\/#organization\"},\"articleSection\":[\"Ciberseguridad\",\"Cybersecurity\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/edorteam.com\/en\/security-breach-in-toy-company\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/edorteam.com\/en\/security-breach-in-toy-company\/\",\"url\":\"https:\/\/edorteam.com\/en\/security-breach-in-toy-company\/\",\"name\":\"Security breach in toy company - Edorteam\",\"isPartOf\":{\"@id\":\"https:\/\/edorteam.com\/en\/#website\"},\"datePublished\":\"2017-02-28T08:25:51+00:00\",\"dateModified\":\"2021-08-20T08:33:44+00:00\",\"description\":\"We have echoed a case of neglect in the application of security measures and LOPD with the exposure of personal data in toys for children.\",\"breadcrumb\":{\"@id\":\"https:\/\/edorteam.com\/en\/security-breach-in-toy-company\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/edorteam.com\/en\/security-breach-in-toy-company\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/edorteam.com\/en\/security-breach-in-toy-company\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Portada\",\"item\":\"https:\/\/edorteam.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security breach in toy company\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/edorteam.com\/en\/#website\",\"url\":\"https:\/\/edorteam.com\/en\/\",\"name\":\"Consultor\u00eda Compliance y protecci\u00f3n de datos\",\"description\":\"Empresa de Ciberseguridad y Protecci\u00f3n de Datos\",\"publisher\":{\"@id\":\"https:\/\/edorteam.com\/en\/#organization\"},\"alternateName\":\"Edorteam\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/edorteam.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/edorteam.com\/en\/#organization\",\"name\":\"Edorteam | Cibersecurity services and data protection company\",\"alternateName\":\"Edorteam\",\"url\":\"https:\/\/edorteam.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/edorteam.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/edorteam.com\/wp-content\/uploads\/cropped-favicon.png\",\"contentUrl\":\"https:\/\/edorteam.com\/wp-content\/uploads\/cropped-favicon.png\",\"width\":512,\"height\":512,\"caption\":\"Edorteam | Cibersecurity services and data protection company\"},\"image\":{\"@id\":\"https:\/\/edorteam.com\/en\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/edorteam\/\",\"https:\/\/x.com\/edorteam\",\"https:\/\/www.linkedin.com\/company\/edorteam\/\",\"https:\/\/www.instagram.com\/edorteam\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/edorteam.com\/en\/#\/schema\/person\/8d561d676383bddf2086b1de4aec37b6\",\"name\":\"Edorteam\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/edorteam.com\/en\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/2e28be36471774aba19e1b15aa24a52aa2d8955a536897526f71cec2370a0a24?s=96&d=blank&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/2e28be36471774aba19e1b15aa24a52aa2d8955a536897526f71cec2370a0a24?s=96&d=blank&r=g\",\"caption\":\"Edorteam\"},\"sameAs\":[\"http:\/\/edorteam.com\"],\"url\":\"https:\/\/edorteam.com\/en\/author\/web_edorteam\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Security breach in toy company - Edorteam","description":"We have echoed a case of neglect in the application of security measures and LOPD with the exposure of personal data in toys for children.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/edorteam.com\/en\/security-breach-in-toy-company\/","og_locale":"en_US","og_type":"article","og_title":"Security breach in toy company - Edorteam","og_description":"We have echoed a case of neglect in the application of security measures and LOPD with the exposure of personal data in toys for children.","og_url":"https:\/\/edorteam.com\/en\/security-breach-in-toy-company\/","og_site_name":"Edorteam","article_publisher":"https:\/\/www.facebook.com\/edorteam\/","article_published_time":"2017-02-28T08:25:51+00:00","article_modified_time":"2021-08-20T08:33:44+00:00","og_image":[{"width":1000,"height":598,"url":"https:\/\/edorteam.com\/wp-content\/uploads\/cumplimiento-legal-empresas-abogado.jpg","type":"image\/jpeg"}],"author":"Edorteam","twitter_card":"summary_large_image","twitter_creator":"@edorteam","twitter_site":"@edorteam","twitter_misc":{"Written by":"Edorteam","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/edorteam.com\/en\/security-breach-in-toy-company\/#article","isPartOf":{"@id":"https:\/\/edorteam.com\/en\/security-breach-in-toy-company\/"},"author":{"name":"Edorteam","@id":"https:\/\/edorteam.com\/en\/#\/schema\/person\/8d561d676383bddf2086b1de4aec37b6"},"headline":"Security breach in toy company","datePublished":"2017-02-28T08:25:51+00:00","dateModified":"2021-08-20T08:33:44+00:00","mainEntityOfPage":{"@id":"https:\/\/edorteam.com\/en\/security-breach-in-toy-company\/"},"wordCount":706,"commentCount":18,"publisher":{"@id":"https:\/\/edorteam.com\/en\/#organization"},"articleSection":["Ciberseguridad","Cybersecurity"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/edorteam.com\/en\/security-breach-in-toy-company\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/edorteam.com\/en\/security-breach-in-toy-company\/","url":"https:\/\/edorteam.com\/en\/security-breach-in-toy-company\/","name":"Security breach in toy company - Edorteam","isPartOf":{"@id":"https:\/\/edorteam.com\/en\/#website"},"datePublished":"2017-02-28T08:25:51+00:00","dateModified":"2021-08-20T08:33:44+00:00","description":"We have echoed a case of neglect in the application of security measures and LOPD with the exposure of personal data in toys for children.","breadcrumb":{"@id":"https:\/\/edorteam.com\/en\/security-breach-in-toy-company\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/edorteam.com\/en\/security-breach-in-toy-company\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/edorteam.com\/en\/security-breach-in-toy-company\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Portada","item":"https:\/\/edorteam.com\/en\/"},{"@type":"ListItem","position":2,"name":"Security breach in toy company"}]},{"@type":"WebSite","@id":"https:\/\/edorteam.com\/en\/#website","url":"https:\/\/edorteam.com\/en\/","name":"Consultor\u00eda Compliance y protecci\u00f3n de datos","description":"Empresa de Ciberseguridad y Protecci\u00f3n de Datos","publisher":{"@id":"https:\/\/edorteam.com\/en\/#organization"},"alternateName":"Edorteam","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/edorteam.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/edorteam.com\/en\/#organization","name":"Edorteam | Cibersecurity services and data protection company","alternateName":"Edorteam","url":"https:\/\/edorteam.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/edorteam.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/edorteam.com\/wp-content\/uploads\/cropped-favicon.png","contentUrl":"https:\/\/edorteam.com\/wp-content\/uploads\/cropped-favicon.png","width":512,"height":512,"caption":"Edorteam | Cibersecurity services and data protection company"},"image":{"@id":"https:\/\/edorteam.com\/en\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/edorteam\/","https:\/\/x.com\/edorteam","https:\/\/www.linkedin.com\/company\/edorteam\/","https:\/\/www.instagram.com\/edorteam\/"]},{"@type":"Person","@id":"https:\/\/edorteam.com\/en\/#\/schema\/person\/8d561d676383bddf2086b1de4aec37b6","name":"Edorteam","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/edorteam.com\/en\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/2e28be36471774aba19e1b15aa24a52aa2d8955a536897526f71cec2370a0a24?s=96&d=blank&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/2e28be36471774aba19e1b15aa24a52aa2d8955a536897526f71cec2370a0a24?s=96&d=blank&r=g","caption":"Edorteam"},"sameAs":["http:\/\/edorteam.com"],"url":"https:\/\/edorteam.com\/en\/author\/web_edorteam\/"}]}},"_links":{"self":[{"href":"https:\/\/edorteam.com\/en\/wp-json\/wp\/v2\/posts\/7371","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/edorteam.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/edorteam.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/edorteam.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/edorteam.com\/en\/wp-json\/wp\/v2\/comments?post=7371"}],"version-history":[{"count":0,"href":"https:\/\/edorteam.com\/en\/wp-json\/wp\/v2\/posts\/7371\/revisions"}],"wp:attachment":[{"href":"https:\/\/edorteam.com\/en\/wp-json\/wp\/v2\/media?parent=7371"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/edorteam.com\/en\/wp-json\/wp\/v2\/categories?post=7371"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/edorteam.com\/en\/wp-json\/wp\/v2\/tags?post=7371"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}