Parents are being warned not to buy toys from children’s tablet maker VTech after the company updated its terms and conditions to state that should its devices become hacked it will be the parents who must assume responsibility.
VTech was hacked in December last year and saw the company’s database – which stores children’s personal information, recordings and images – breached in the attack. The company said five million customers had been affected in the attack, while the hacker at the centre of the breech claimed to have accessed chat logs and personal information.
The company has since updated its terms and conditions, which developer and blogger Troy Hunt highlighted in a blog post.
One section of the terms and conditions now reads: “You acknowledge and agree that any information you send or receive during your use of the site may not be secure and may be intercepted or later acquired by unauthorised parties.”
Mr Troy expressed his disbelief at the change, writing: “But it’s their responsibility to secure it! Look, I’m the first person to acknowledge that there are very few absolutes in security and there always remains some sliver of risk that things will go wrong but even then, you, as the organisation involved, have to take responsibility.”
VTech said that it stands by the changes, but online security experts have warned parents to boycott the company’s products as a result of the new rules.
Ken Munro from Pen Test Partners told the BBC that “if VTech think that those T&Cs are the answer to their problems I think they should be given a bigger problem to deal with – boycott them and take your money somewhere else”.
Global security software company Trend Micro’s Rik Ferguson displayed a similar sentiment. “Would I advise consumers to avoid an organisation that attempts to take advantage of its customers’ goodwill and to absolve itself of its legal responsibilities with weasel words? Unequivocally, yes,” he told the broadcaster.
A spokesperson for VTech said in a statement: “Since learning about the hack of its databases, VTech has worked hard to enhance the security of its websites and services and to safeguard customer information.
“But no company that operates online can provide a 100% guarantee that it won’t be hacked. The Learning Lodge Terms and Conditions, like the T&Cs for many online sites and services, simply recognize that fact by limiting the company’s liability for the acts of third parties such as hackers.
“Such limitations are commonplace on the web.”
