If you've been keeping up to date on the scary VTech hack, you'll want to hear this. It seems that the hacker who was targeting 6 million people, including millions of parents and perhaps 200,000 or more kids in the U.S., Europe, and Asia, may have been caught.
A 21-year-old man in the UK is being held on suspicion of "unauthorized access" to a computer. In the hack, it's believed he accessed millions of email addresses, IP addresses and secure passwords.
The attack focused on electric learning toy maker VTech, specifically its Learning Lodge site. There, parents can download games and eBooks.
Parents provide personal information like their addresses. Children provide information such as their birth dates.
As we told you last month, a hacker easily broke into VTech's poorly secured website using a SQL injection attack. The hacker was able to piece together information about the children, too, by matching their profile to the information their parents provided.
The VTech hacker didn't stop there, though. This is scary. He was also able to steal 190GB of photographs of its customers, parents and children, from its Kid Connect service.
It is believed that the hacker posted some content online. He quickly took it down, though, and said he was just trying to prove that he could do it.
VTech, which sells toys such as Twinkle and Learn Tambourine and the Touch and Learn Activity Desk, suspended both Learning Lodge and Kid Connect. On December 3, VTech issued a release saying it hired the cybersecurity firm, FireEye's Mandiant Incident Response services, "in response to the recent cyber attack to strengthen the security" of its systems.
Note: It's increasingly important to make sure you stay safe when you're online. Visit the Komando Security Center for tips on keeping safe, including information on anti-virus programs.