CINCINNATI -- With the possible exceptions of Annabelle and Chucky, most children's toys don't stir anxiety in the hearts of adults. However, according to the FBI, some should: In a news release issued Friday, the bureau said "smart, interactive, internet-connected toys" are as vulnerable to hacking as any other device in your home.
"Voice recordings, toy Web application passwords, home addresses, Wi-Fi information or sensitive personal data could be exposed if the security of the data is not sufficiently protected," the release stated.
What kind of toys even collect this kind of information? Quartz wrote about two: Hello Barbie, which outfits the doll with a Siri-like virtual assistant capable of holding conversations with children, and CloudPets, which let a child's parents and friends send voice messages through an internet-connected stuffed animal.
Lisa Karr bought a CloudPet unicorn for her granddaughter in order to send comforting messages through the toy, but never gave it to the child after she learned about the risk that messages could be intercepted.
"I wanted it just to tell her, ‘Goodnight, Natalie. Grandma loves you,' but it's much more than that," she said. "It's more complex."
More than 500,000 people with CloudPets became the victim of a widespread toy-hack earlier this year, losing sensitive information like the email addresses and passwords they use to connect the CloudPets to the web.
That's not all that could potentially happen.
"In a worst-case scenario, a pedophile can get access by hacking into it and download your audio and video from your home," police Sgt. Eric Franz said.
Both Franz and the FBI recommend that parents do their research when purchasing a toy with online capabilities and keep that toy stored securely when their child isn't playing with it.
And, when all else fails, remember: You can't hack a pet rock.
