Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Children’s toys that connect to wifi and Bluetooth could pose serious threat, claims expert

'Anyone considering buying one should apply a level of caution'

Olivia Petter
Tuesday 14 November 2017 12:58 GMT
Comments
Getty Images
Getty Images

Consumer testing experts are urging retailers to stop selling children’s toys which connect to wifi or Bluetooth.

According to product watchdog Which?, popular toys such as Furby and Cloudpets pose “concerning vulnerabilities” that could allow strangers to speak to children.

After conducting a thorough investigation on how these toys work, the review site claims that some of them have “proven” security flaws.

"Connected toys are becoming increasingly popular, but as our investigation shows, anyone considering buying one should apply a level of caution," said Alex Neill, managing director of home products and services.

Neill and her team of researchers tested a number of connected toys available at major retailers in collaboration with German consumer organisation Stiftung Warentest.

They found that there is no authentication required to link some toys with devices via Bluetooth.

“In each of the toys, the Bluetooth connection had not been secured, meaning during the tests the hacker didn’t need a password, PIN code or any other authentication to get access,” Which?'s report said.

Consequently, Which? are claiming that the following toys can be easily “hacked” and could pose severe threats to child safety:

Furby Connect, the i-Que robot, Cloudpets and Toy-fi Teddy.

They have also published a short video which demonstrates how "easy" it is for a hacker to gain access to the voice control of these toys.

“With toys like these and other connected toys expected to be popular around Black Friday and Christmas, we’re calling for smart toys to be made secure, or taken off sale entirely,” they said.

Hasbro, who manufacture Furby Connect, responded to Which?'s findings with the following statement:

"A tremendous amount of engineering would be required to reverse-engineer the product as well as to create new firmware.

"We feel confident in the way we have designed both the toy and the app to deliver a secure play experience," reports the BBC.

Vivid Imagination, who produce the I-Que robot, said that they would review Which?’s claims, but insisted that they had never received reports of the toys “being used in a malicious way.”

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in