ShellCodeX Breach Report
VTech Data Breach
vtechda.com
Verified breach
Retired
Passwords exposed
Accounts exposed
4,833,678
Breach date
13 Nov 2015
Added to tracker
25 Nov 2015
Data classes
11
What happened
In November 2015, hackers extracted more than 4.8 million parents' and 227k children's accounts from VTech's Learning Lodge website. The Hong Kong company produces learning products for children including software sold via the compromised website. The data breach exposed extensive personal details including home addresses, security questions and answers and passwords stored as weak MD5 hashes. Furthermore, children's details including names, ages, genders and associations to their parents' records were also exposed.
Exposed data
Dates of birth
Email addresses
Family members' names
Genders
IP addresses
Names
Passwords
Physical addresses
Security questions and answers
Usernames
Website activity
Recommended actions
- Change your VTech password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing VTech โ attackers weaponise breach data quickly.
- Exposed identity data raises identity-theft risk โ consider credit monitoring or a credit freeze.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP