Smart Sex Toy Manufacturer Ordered To Pay £2.4m Fine After Vulnerabilities Found

Following the news about the story that vibrator manufacturer We-Vibe has been ordered to pay out over £6,000 per customer, having shipped out a product with multiple security vulnerabilities. The company has also admitted to harvesting consumer data without permission. Cesar Cerrudo, CTO at IOActive commented below why this represents a larger problem within the IoT industry.

Cesar Cerrudo, CTO at IOActive:

Cesar Cerrudo“This is yet another example of IoT devices being rushed to market without proper consideration of privacy, and with rampant security vulnerabilities. We are connecting more and more of these devices to the internet and manufacturers are really not applying due diligence, which in the long run will be really costly. While they may get the upper hand in beating the competition to get products to market, they lose out in the long run. Fines and the reputational damage have the potential to sink a start-up before they have the chance to really get going. I mean, who will really trust this company after hearing it has been harvesting this most private of information? This is why all businesses need to build security in at the core of their solution, not as an after-thought.”

Information Security Buzz