Wi-Fi Barbie doll vulnerable to surveillance hack

Be careful what you buy your children for Christmas this year, as some toys are reportedly being shipped with online vulnerabilities.

Security researcher Matt Jakubowski told NBC that the Hello Barbie Wi-Fi enabled doll could be hacked to listen in on conversations.

Read more: Hello Barbie doll will chat with your child via Wi-Fi connection

Dubbed the world’s first interactive doll, Hello Barbie was released earlier this month and uses a microphone and online connection to analyse voice recordings and deliver a suitable response. Jakubowski said that hackers could take advantage of the technology to overhear sensitive information. There may also be damaging consequences for children, as hackers could make the Barbie doll say inappropriate or harmful things.

With the rise of the Internet of Things on the way, Jakubowski also highlighted another potential security concern. He believes that by hacking the doll, attackers could find out the kind of information that they need to gain access to other Internet connected devices using the home network.

However, ToyTalk CEO Oren Jacob claimed that the discovery made by Jakubowski, described as an “enthusiastic researcher,” is not a security issue at all.

“It is important to note that all that information was already directly available to Hello Barbie customers through the Hello Barbie Companion App,” he said. “No user data, no Barbie content, and no major security or privacy protections have been compromised to our knowledge.”

Read more: Nest Thermostat receives new security update

However, considering the space limitation of the Barbie doll, it is unlikely that the security protocols are robust enough to resist reverse engineering. Therefore, it is likely to only be a matter of time before someone does find a way to hack the Hello Barbie doll, or the many similar Wi-Fi connected toys that will surely follow in its wake.

Image Credit: Mattel