Data Breaches Just Keep Happening

And this is just the beginning. Check out the toys they’re giving to kids these days.


Security implementation at the chip level is about the only way to get a really secure environment, and it’s about to become much more apparent as the world becomes far more connected.

Consider the new Hello Barbie doll, which has integrated speech recognition. The idea, at least according to Mattel, is to make the doll “smart” and be able to tailor its interactivity with the child who plays with it. And Barbie isn’t the only toy. This is a trend in the toy biz today, and we are going to see it in more than just dolls. And the potential for abuse is very high for all of them.

In the Barbie case, the collected information is stored in the cloud. And it’s not just the conversation with the child. It’s ANY conversation in the vicinity can be recorded and analyzed!

So imagine you are discussing your finances with your significant other while your child is playing with the doll in close proximity, and suddenly that information is in the cloud. Mattel certainly is doing its utmost to keep your private data private, just as Anthem, Chase, Target, Home Depot and countless others have done. As poor as the state of security is with these companies, it may be just a matter of time before a toy company’s cloud will be hacked. You can imagine the kind of data that could end up in the hands of the wrong people.

But what if that data is accessed by some hacker and they feed data back to the doll, which tells a child to unlock the front door or put their mother’s purse outside the front door? Sound far-fetched? Maybe.

Another disturbing example is the 14-year old whiz kid who successfully demonstrated how to hack a car, which car experts say should be impossible. The kid went to Radio Shack, bought $15 worth of commonly available parts, and built the circuit to do this. Imagine what this could mean if an organized cybercrime group figures out how it’s done. In the IoT age we are basically living in a fishbowl, where smart things are constantly sending and receiving data on every move everything makes – kids and pets included. Talk about a “eureka” moment for the bad gumys.

If this doesn’t scream security at the chip level, I don’t know what does. We need hardware security in everything, from the Barbie doll to the Tesla to the Lear jet.

The question is who should pay for it. In my own humble opinion, liability should be assigned to the responsible parties rather than the users. When was the last time your bank or retail outlet paid to fix your stolen identity, which happened because they were compromised? The common wisdom is that this will simply increase costs for the end user. But if you think that adding such security will be expensive, just wait until you see how expensive the lack of security will become.

Leave a Reply