Mattel has fixed an Internet-connected, talking teddy bear that researchers said was hackable. A security breach might have resulted in hackers stealing children’s names, birthdate and gender information.
The Fischer-Price stuffed animal named SmartToy comes with an app that parents can use to help the toy interact with children. The bear can learn a child’s name and interact with her.
Rapid7, a Boston-based security company, told Fortune that hackers could use information like a child’s name and birthday to determine a family’s password, as names and birthdates are common pass codes for many people. The toy would not have enabled hackers to steal a child’s identity, however.
Mattel told The Guardian Tuesday that they fixed the issues: “Mattel and Fisher-Price take the safety of our consumers and their personal data very seriously, which is why we act quickly to resolve potential vulnerabilities like this.”
Mattel is no stranger to complaints about security. Last year, parents and an organization called the Campaign for a Commercial-Free Childhood complained that Hello Barbie, a wifi-enabled doll, was vulnerable to hacking. The doll was capable of responding to a child’s voice, like Siri, and even learning and storing information about he child—like a favorite class or grandmother’s name—for future conversations.
Security researchers found that hackers could access stored data, audio files and even Barbie’s microphone. They could even listen in on children’s conversations.
Read TIME’s Cover on Barbie’s New Body
[Fortune]
More Must-Reads from TIME
- Donald Trump Is TIME's 2024 Person of the Year
- Why We Chose Trump as Person of the Year
- Is Intermittent Fasting Good or Bad for You?
- The 100 Must-Read Books of 2024
- The 20 Best Christmas TV Episodes
- Column: If Optimism Feels Ridiculous Now, Try Hope
- The Future of Climate Action Is Trade Policy
- Merle Bombardieri Is Helping People Make the Baby Decision
Write to Eliana Dockterman at eliana.dockterman@time.com