Researchers reveal Hello Barbie security vulnerabilities

Occurred: November 2015

Can you improve this page?
Share your insights with us

Mattel's Hello Barbie doll could be hacked and young girls spied on, according to a US-based security researcher.  

Security researcher Matt Jakubowski discovered the WiFi-enabled Hello Barbie was vulnerable to hacking when storing audio files of conversations between kids and the doll in the cloud, on which they could be analysed by Mattel, its technology partner ToyTalk and other vendors.

The hack allowed Jakubowski 'easy' access to the doll’s system information, account information, and stored audio files. The result might be that anyone could identify the individual and their home address and modify the doll to suit their needs. 'It’s just a matter of time until we are able to replace their servers with ours and have her say anything we want,' Jakubowski told NBC.

Mattel software maker ToyTalk responded by saying it would patch the vulnerability.


Operator: Mattel/ToyTalk
Developer: Mattel/ToyTalk
Country: USA
Sector: Consumer goods
Purpose: Interact with children
Technology: Voice recognition; NLP/text analysis
Issue: Privacy; Security; Surveillance