recommended reading

Threatwatch

Smart Vibrator Maker to Pay Customers For Privacy, Security Concerns

Software vulnerability

Personally identifiable information exposed in data breaches usually refers to names, emails, credit card numbers or maybe Social Security numbers. By that bar, collecting information about the frequency of vibrator use would be extremely personal.

As part of a class action lawsuit, Standard Innovation, maker of the We-Vibe smart vibrator and its smartphone app, agreed to pay about $3.75 million to people who purchased the device and used the app, reported The Telegraph.

The We-Vibe vibrators are billed as “couples vibrators” that use a Bluetooth connection and a smartphone app to control the device. But last fall at DEF CON, a pair of hackers demonstrated that some other person could remotely seize the connection and turn it on and off at will, and discovered the device sent temperature and intensity information back to the manufacturer, according to the Guardian.

In the settlement, Standard Innovation denied wrongdoing and claimed its data collection complied with the law. The company also agreed to destroy any data collected through its app, according to The News & Observer.

sector

Other

reported

March 14, 2017

reported by

The Guardian

number affected

Unknown

location of breach

Unknown

perpetrators

Unknown

location of perpetrators

Unknown

date breach occurred

Unknown

date breach detected

Unknown