Skip to Content
Security & privacy

Hacking fears over Bluetooth stuffed toys

Protecting ourselves against hackers and those trying to spy on us seems like a full-time job these days.

Even areas that many of us assumed were off limits to hackers, such as school databases, are now fair game. Hackers are accessing information on our children such as their age, where they live and what school they attend. As a result, it’s getting tougher to protect our kids when they’re away from home.

One place where we normally don’t have to worry about outside influences on our children is home. Even at home, the last place you’d probably think about finding a security risk is in toys.

Toys that pose security risks

A consumer watchdog group is warning parents that dangers are lurking in some “connected” toys — specifically, toys that use Bluetooth. Consumer Watchdog Which? is calling on retailers to stop selling some popular toys since hackers can actually take control and talk and send messages to a child. Those toys include Furby Connect, the i-Que robot, Cloudpets and Toy-fi Teddy.

The watchdog group found no authentication is required between the toys and the devices they could link with via Bluetooth, making them vulnerable to hackers. Basically, that means that any device within physical range of the toys could take control and send messages.

A couple of the toy makers are taking this news seriously and are investigating. The maker of I-Que, Vivid Imagination, said there haven’t been any reports of their toys being used in a malicious way but promises to review Which?’s recommendations.

Hasbro, which makes the Furby Connect, said in a statement that it believed the Which? results of the tests had been achieved in very specific conditions.

“A tremendous amount of engineering would be required to reverse-engineer the product as well as to create new firmware,” it said. “We feel confident in the way we have designed both the toy and the app to deliver a secure play experience.”

Cloudpets maker, Spiral Toys and Toy Fi, did not comment.

Other toys tested by Which? include Mattel Hello Barbie, the Wowee Chip, and Fisher-Price Smart Toy Bear. No serious security concerns were found in these toys. 

Aside from toys, hackers are targeting government agencies and some of our favorite businesses, as well.

Check this list of the other big data breaches no one is talking about

Click here to find out about the latest data breaches.

Stop robocalls once and for all

Robocalls are not only annoying, but they scam Americans out of millions every year. Learn Kim's tricks for stopping them for good in this handy guide.

Get the eBook