Chinese electronic toymaker V-Tech has seen its app stroe hacked, exposing email addresses and passwords of 5 million parents and 200,000 children, but no credit card information has been stolen.
In a statement on Friday, the company said that an “unauthorised party” accessed customer information in a database for VTech’s Learning Lodge app store on November 14.
The app store lets parents download apps, games, e-books and educational content to VTech toys.
The database contains customer data including name, email address, password, IP address, mailing address and download history. It does not contain credit card information, the company said.
VTech has not said how many customers were affected, but Motherboard, which first reported the hack, said information on nearly 5 million parents and more than 200,000 kids was exposed.
The hacked data included kids’ first name, gender and birthday, according to Motherboard.
In an email to customers, the company said: “Upon discovering the unauthorised access we immediately conducted a thorough investigation, which involved a comprehensive check of the affected site and implementation of measures to defend against further attacks.”
The company stressed it was “important to note that our customer database does not contain any credit card or banking information” nor social security numbers.
However it does contain what the Vtech describes as “general user profile information”, such as “name, email address, encrypted password, secret question and answer for password retrieval, IP address, mailing address and download history”.
The firm sells a range of electronic products ranging from toy cars and interactive garages to cameras, games, e-books and tablets.