Bracknell man arrested over VTech toy hack

Officers from the South East Regional Organised Crime Unit (Serocu) have arrested a 21-year-old man  as part of a wide-ranging investigation into the hacking of applications belonging to VTech, a Hong Kong-based electronic toymaker.

Serocu’s cyber crime unit, acting with a number of partner agencies, swooped on an address in Bracknell on the morning of 15 December and seized a number of electronic items to be examined forensically.

The arrest was made on suspicion of unauthorised access to a computer to facilitate the commission of an offence, and suspicion of causing a computer to perform functions to secure or enable unauthorised access to a program or data, against section 2 and section 1 of the Computer Misuse Act 1990, respectively.

In November, hackers gained access to VTech’s Learning Lodge app store database, which reportedly included the personal details of more than 200,000 children worldwide, including names, ages, dates of birth, genders and parents’ addresses.

VTech insisted that the compromised database did not contain any credit card or banking information, but warned that passwords and IP addresses may also have been stolen.

The firm’s app store enables children to download games, e-books and a range of other content to VTech devices, which include ruggedised tablets and wearable smart watches.

Users of the service were warned that hackers were likely to use the stolen information to trick them into revealing further personal details using targeted phishing emails.

Serocu’s head of cyber crime, Craig Jones, said: “We are still at the early stages of the investigation and there is still much work to be done. We will continue to work closely with our partners to identify those who commit offences and hold them to account.

“We are pursuing cyber criminals using the latest technology and working with businesses and academia to further develop specialist investigative capabilities to protect and reduce the risk to the public.”

Jones urged end users to check their home and business computer security arrangements, and take advice from sites such as cyberstreetwise.com and getsafeonline.org.