VTech is the world’s largest maker of cordless phones and is a contract manufacturer for electronic products
Toy maker VTech is now trying to embed data breach acceptance in its terms and conditions for customers, in a move which questions whether the company would do the same for its business products after the type of hack it suffered last year.
More than 6.3 million children’s accounts were affected by last year’s data breach, which gave the perpetrator access to photos and chat logs. VTech’s new terms and conditions state that parents must assume responsibility for future breaches.
VTech is a Hong Kong-based global supplier of electronic learning products from infancy to pre-school and the world’s largest manufacturer of cordless phones. It is also one of the top 50 electronic manufacturing services providers globally.
Users, distributors and resellers of its electronic products will now be asking whether the company will try and play the same data breach responsibility avoidance trick on them. And will VTech’s stance be copied by other suppliers?
Commenting on this, David Gibson, VP of strategy and market development at data security and management firm Varonis, said: “Protecting customer, partner and employee data is a business requirement. Imagine if all the medical history questionnaires you fill out at the doctor’s office had a big warning on top: ‘If someone steals the information you provide here, it’s your problem’.
“Or a store saying: ‘Feel free to use your credit card, but we’re not responsible if someone figures out how to steal the number from our systems’. Would you still do business with them?”
Gibson said: “It’s possible that VTech may have run afoul of the US’ COPPA laws for protecting children’s data. The larger point is that consumers should expect reasonable data security without having to be personally liable.”
In last November’s data breach, VTech admits that 4,854,209 accounts belonging to parents and 6,368,509 profiles belonging to children were compromised, when an unidentified hacker broke into its servers.
More information on the VTech data breach move here: