Parents in Germany are being warned by a government watchdog agency to destroy a talking doll called Cayla because its IoT technology could be accessed by outsiders, according to a BBC report.
The nation’s Federal Network Agency, which oversees telecommunications, issued the warning after security investigators said hackers could access an insecure Bluetooth component embedded in the toy to listen to and speak with the doll’s owner.
The doll’s distributor said earlier incidents were isolated and pledged to upgrade the doll’s app. However, experts said the issue has not yet been addressed.
Similar to other smart devices that respond to voice commands and connect with the internet, Cayla can answer questions, but the problem, say researchers, is that the communications can be hacked. It’s even been shown that an attacker could speak with the doll’s owner.
Flaws in the doll’s software were first detected in January 2015. Privacy groups filed a complaint with the the U.S. Federal Trade Commission in December 2016 requesting an investigation and injunction on two internet-connected talking toys that may be recording and transmitting children’s personal information. Cayla was one of the dolls included in the complaint.