• Home
  • Latest
  • Fortune 500
  • Finance
  • Tech
  • Leadership
  • Lifestyle
  • Rankings
  • Multimedia

Trendingnow

1

MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year

2

Elon Musk on MacKenzie Scott giving away $26 billion of her fortune: 'Sadly,' it makes the world a worse place

3

Philanthropy leader at Warren Buffett and Bill Gates’ Giving Pledge says children of billionaires are pushing them to give their wealth away faster

1

MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year

2

Elon Musk on MacKenzie Scott giving away $26 billion of her fortune: 'Sadly,' it makes the world a worse place

3

Philanthropy leader at Warren Buffett and Bill Gates’ Giving Pledge says children of billionaires are pushing them to give their wealth away faster
TechLeapFrog

Security Researchers Find ‘Worst Case Scenario’ in LeapFrog Kids Tablet

By
Alyssa Newcomb
Alyssa Newcomb
Down Arrow Button Icon
By
Alyssa Newcomb
Alyssa Newcomb
Down Arrow Button Icon
August 7, 2019, 7:30 AM ET
Add Fortune on Google for similar content.

Researchers have found gaping security holes in LeapFrog’s LeapPad Ultimate Tablet for children that could let hackers determine a child’s location, send them messages, and steal sensitive information.

The tablets, which sell for around $80, are geared toward three-to-six-year-olds, and come pre-loaded with everything from game and flashcards, to read-along videos. Parents can also add more than 1,000 other games, eBooks, videos, music, and apps from LeapFrog’s Learning Library.

“The reason we chose LeapFrog is because we are looking at devices that may have hold more serious implications than others,” Erez Yalon, head of security research at security company Checkmarx tells Fortune.

Yalon’s team found several security holes, that if exploited together, could let hackers know a child’s name, age, and gender, where they live, and have the ability to send the child a message to come outside and play.

“We’re looking at the worst case scenario, but as a dad, I’d rather look at the worst case scenario,” Yalon says.

Pet Chat App Gives Away a Kids’ Location

Users of LeapFrog’s Pet Chat app, which lets kids use avatars to chat with other, was pitched as a safe and controlled environment for children. Users could only send a set of pre-loaded emojis and phrases rather than write original messages.

But hackers could have dug into the plumbing powering the Pet Chat app’s chat room. The app created a Wi-Fi connection using the identifier “Pet Chat”, which then broadcast to other compatible devices nearby while restricting access to the greater Internet.

A hacker could have found “Pet Chat” on Wi-Fi and track the MAC address, a unique identifier for networked devices. The hacker could then have visited WiGLE, a website that tracks global wireless hotspots and consolidates location information, to see where kids are using Pet Chat and when a device was last used.

After learning a child’s location, hackers could send them a preset phrase available through the device like “Let’s go!” and “play outside together.” They could then tempt a child to go outside, where the hacker could be waiting.

Stealing sensitive information that could be used against children

Additionally, Checkmarx discovered that hackers could launch phishing and man-in-the-middle attacks to steal information ranging from a kid’s name, gender, and birthday, to a parent’s credit card information, billing address, and phone number.

For example, hackers could spoof an existing Wi-Fi network and force devices on the original network to reconnect to the new, fraudulent one. Since traffic isn’t encrypted, Checkmarx was able to see parents’ and children’s private information when it tried out the hack.

After the devices were logged into the spoof network, Checkmarx was also able to create a fake portal that asked parents for information such as the last six digits of their credit cards on file.

Checkmarx brought the issues to LeapFrog’s attention in December, and said the company worked with it to quickly make changes. LeapFrog made the first fixes in February and then in June confirmed to Checkmarx that it would remove Pet Chat from its app store.

Mari Sunderland, vice preside of digital product management at LeapFrog, says “safety of the children who use our products is a top priority.” 

“With the information they provided, we were able to take immediate actions to resolve the issues,” she says. There have been no reports of anyone exploiting these security holes.

As a parent, Yalon says he wouldn’t let these security problems deter him from buying LeapFrog’s tablet in the future, since the company quickly worked to fix the problems. However, he says he hopes the research will serve as a good reminder that there’s “no such thing as foolproof security,” even if a company tries to make its own safe browsers or portals away from the greater Internet.

“The least we can do is try to find [vulnerabilities] as soon as possible in the process, or if a product is already out, to make sure the company is responsive in fixing it,” he says.

More must-read stories from Fortune:

—What you need to know about 8chan, the controversial site tied to the El Paso shooting

—Verizon’s unlimited plans are getting cheaper. Here’s what you should know

—What CEOs, bankers, and tech execs think about a coming recession

—How an alleged Amazon theft ring got the goods

—Boeing adds a second flight control computer to the 737 MaxCatch up with Data Sheet, Fortune‘s daily digest on the business of tech.

About the Author
By Alyssa Newcomb
See full bioRight Arrow Button Icon
Add Fortune on Google for similar content.

Latest in Tech

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025

Most Popular

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Fortune Secondary Logo
Rankings
  • 100 Best Companies
  • Fortune 500
  • Global 500
  • Fortune 500 Europe
  • Most Powerful Women
  • World's Most Admired Companies
  • See All Rankings
  • Lists Calendar
Sections
  • Finance
  • Fortune Crypto
  • Features
  • Leadership
  • Health
  • Commentary
  • Success
  • Retail
  • Mpw
  • Tech
  • Lifestyle
  • CEO Initiative
  • Asia
  • Politics
  • Conferences
  • Europe
  • Newsletters
  • Personal Finance
  • Environment
  • Magazine
  • Education
Customer Support
  • Frequently Asked Questions
  • Customer Service Portal
  • Privacy Policy
  • Terms Of Use
  • Single Issues For Purchase
  • International Print
Commercial Services
  • Advertising
  • Fortune Brand Studio
  • Fortune Analytics
  • Fortune Conferences
  • Business Development
  • Group Subscriptions
About Us
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • Facebook icon
  • Twitter icon
  • LinkedIn icon
  • Instagram icon
  • Pinterest icon

Latest in Tech

As Big Tech showers employees with perks to win the talent war, Nvidia built a nearly $5 trillion company by making people pay for their own lunch
Big TechNvidia
As Big Tech showers employees with perks to win the talent war, Nvidia built a nearly $5 trillion company by making people pay for their own lunch
By Marco Quiroz-GutierrezJuly 1, 2026
54 minutes ago
Dell’s AI boom is real, but so is the profit margin hit nobody is pricing in
AIDell Technologies
Dell’s AI boom is real, but so is the profit margin hit nobody is pricing in
By Mia OsmonbekovJune 30, 2026
13 hours ago
Image of colored bar charts with one being pushed up.
NewslettersEye on AI
AI is minting billion-dollar companies faster than before
By Beatrice NolanJune 30, 2026
15 hours ago
Anthropic CEO Dario Amodei pointing to his head.
AIAnthropic
At the heart of Anthropic’s clashes with the U.S. government, a decision not to play by the new rules of Trump’s Washington
By Jeremy KahnJune 30, 2026
18 hours ago
wb
CommentaryLeadership
I grew BDO from $600 million to $3.4 billion. Here’s the 3-part formula that made it possible
By Wayne BersonJune 30, 2026
19 hours ago
vinod
CommentaryData centers
Vinod Khosla: AI’s energy crisis has a fix — and it doesn’t need the grid
By Vinod KhoslaJune 30, 2026
19 hours ago

Most Popular

MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year
Success
MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year
By Sydney LakeJune 25, 2026
6 days ago
Elon Musk on MacKenzie Scott giving away $26 billion of her fortune: 'Sadly,' it makes the world a worse place
Success
Elon Musk on MacKenzie Scott giving away $26 billion of her fortune: 'Sadly,' it makes the world a worse place
By Sydney LakeJune 29, 2026
2 days ago
Philanthropy leader at Warren Buffett and Bill Gates’ Giving Pledge says children of billionaires are pushing them to give their wealth away faster
Success
Philanthropy leader at Warren Buffett and Bill Gates’ Giving Pledge says children of billionaires are pushing them to give their wealth away faster
By Preston ForeJune 27, 2026
4 days ago
'Humanity has chosen to become idiots': This Brown professor switched to take-home exams after a mass shooting and discovered mass cheating
AI
'Humanity has chosen to become idiots': This Brown professor switched to take-home exams after a mass shooting and discovered mass cheating
By Catherina GioinoJune 29, 2026
1 day ago
The U.S. Army is opening military bases to private billions — here's why that changes everything for the next 250 years
Commentary
The U.S. Army is opening military bases to private billions — here's why that changes everything for the next 250 years
By Marc AndersenJune 30, 2026
20 hours ago
The retired college professor fighting a $313 trespassing ticket in Wisconsin thinks he's part of a national struggle
Environment
The retired college professor fighting a $313 trespassing ticket in Wisconsin thinks he's part of a national struggle
By Catherina GioinoJune 28, 2026
3 days ago

© 2026 Fortune Media IP Limited. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy | CA Notice at Collection and Privacy Notice | Do Not Sell/Share My Personal Information
FORTUNE is a trademark of Fortune Media IP Limited, registered in the U.S. and other countries. FORTUNE may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.