Police in England said they arrested a 21-year-old man on Tuesday in connection with last month’s breach of VTech, a Hong Kong electronic toy maker, which exposed personal data for 12 million people, including 6.4 million minors.
Hackers also made off with profile photos and chat logs of millions of parents and their children.
British police said they arrested the man, who has not been identified, in Bracknell, a town 32 miles outside of London, for breaking England’s Computer Misuse Act, including “unauthorized access” to a computer and data, according to a statement released by Britain’s South East Regional Organized Crime Unit.
Last month, VTech said its online database store was compromised by hackers. Among the stolen data were names, email addresses, passwords, profile information, mailing addresses and download histories belonging to parents, as well as names, genders and birth dates of children.
The breach was notable for the fact that children’s personal information was compromised. Security experts say children are a frequent target for identity thieves because their clean credit histories can be used to apply for government benefits, open bank and credit card accounts and apply for loans.
But the hacker believed to be behind the breach told Vice’s Motherboard blog that he did not intend to sell or use the data, but instead to draw publicity to VTech’s weak security practices. The hacker told Motherboard that he was able to breach two databases, containing personal data for millions of parents and children, using a simple hacking technique called a SQL injection, in which hackers enter commands that prompt a database to dump its contents.
“Profiting from dumps is not something I do. Especially not if children are involved!“ the hacker told Motherboard in a private chat. “I just want issues made aware of and fixed,” he said.
The claims could not be independently verified.
Nearly half of the compromised VTech accounts belong to customers in North America, which has prompted officials in Connecticut and Illinois to investigate.