Home / Technology / AI Toy Leaks Kids' Private Chats
AI Toy Leaks Kids' Private Chats
29 Jan
Summary
- AI toy's web portal left over 50,000 chat transcripts exposed.
- Researchers accessed names, birthdates, and intimate conversations.
- Company fixed the data exposure within hours of notification.
A recent security vulnerability in the AI-powered toy "Bondu" allowed unauthorized access to over 50,000 children's chat transcripts. Security researcher Joseph Thacker and a colleague discovered that the toy's web portal, intended for parental oversight, was accessible via any Gmail account. This exposed sensitive data, including children's names, birthdates, family details, and intimate conversations with the AI.
Thacker described the situation as a massive violation of children's privacy. Bondu's company reacted swiftly, taking down the console and relaunching it the next day with improved authentication. The CEO stated that fixes were completed within hours and no unauthorized access beyond the researchers was found.
Despite the swift resolution, the incident serves as a significant warning about the privacy risks associated with AI-enabled children's toys. The detailed conversation histories stored by Bondu underscore the extensive personal information these devices can collect and potentially expose, raising critical questions about data security for young users.
