Technology toys are popular gifts but vulnerable to hacking

Toys can provide an opportunity to talk with kids about staying safe online. Photo: Unsplash

The New York State Division of Consumer Protection (DCP) is alerting parents and families that Bluetooth and technology-enabled toys may be fun for families to interact with this holiday season, but these toys are also easy for hackers to access and manipulate for nefarious means.

When children’s products — such as smartwatches, smart toys and gaming devices — are tested for vulnerabilities, results show exposures with microphone and camera access in sleep mode, Bluetooth connections without authentication, access to location information and conversation eavesdropping. 

As children interact with technology-enabled and connected toys, usage and personal information (like location) is continuously uploaded to company servers. Once a toy is vulnerable to a hack, that information can be easily accessed and collected. Additionally, when toys allow children to search and access the web, the toy can effortlessly misdirect children away from age-appropriate sites. 

“Toymakers are in the business of making toys, not technology,” said Secretary of State Rossana Rosado, who oversees the New York State Division of Consumer Protection. “Making toys fun and easy to use often means technology and security take a back seat. New York families need to take extra precautions, especially when children are 35 times more likely to fall victim to identity theft.”

Steps to make technology-enabled toys safer:

  •  Research complaints. Parent blogs, social media, and security company websites often sound the alarm well before news stories hit.
  •  Turn it off. When a child is done playing with a toy or leaves it, make sure the toy is first disconnected from the Internet and then turned off. When toys remain connected to the Internet in sleep mode, your personal privacy and information can still be accessed.
  •  When children are playing with technology-enabled toys, watch their interactions closely to understand how the toys work and quickly identify when something is not right with a toy.
  •  Secure WiFi. Never use technology-enabled toys on public WiFi.
  •  Strengthen passwords. Make sure your passwords are unique and updated regularly.
  •  Use parental controls. Many toy companies claim they want to protect your child’s information. See which companies offer the option to delete your child’s information and select that option.
  •  Read the policies. Companies are beginning to specify what information they store and share. Read the long policy documents to see what information is stored and what is used only for sign-up and then deleted.
  • Enter an alias. If setup requires additional information, provide a different name or nickname, birthdate and other important information. If the toy is hacked, this decreases the chance of child identity theft.
  •  Technology is here to stay. Toys can provide an opportunity to talk with kids about staying safe online. For ideas, check out Common Sense Media:
  •  Stay offline. Old-fashioned games, books and puzzles are making a comeback. Consider a family game night – without gaming consoles!

If you believe your child’s toy was hacked, report it to the Internet Crime Complaint Center.

The New York State Division of Consumer Protection provides voluntary mediation between a consumer and a business when a consumer has been unsuccessful at reaching a resolution on their own.

The Consumer Assistance Helpline 1-800-697-1220 is available Monday to Friday from 8:30am to 4:30pm, excluding State Holidays, and consumer complaints can be filed at any time at  

To order, PM at

© The FilAm 2020

Leave a Reply

%d bloggers like this: