A location tracking smartwatch called MiSafes, a watch worn by thousands of children, could put children at risk as their devices can be easily tracked by strangers, security experts warned.
According to a written post by Pen Test Partners, researchers found out that the product has several security flaws, including unencrypted data.
Essentially, what that means is that hackers can download a software to remotely track a child’s movements, “listen in on their conversation and make spoof calls.”
Their research suggests that the team were able to retrieve personal details, including a person’s name, date of birth, age, gender, weight, and height etc.
So far, from the research that they have gathered at least one million watches of all brands are affected.
According to the report, someone with even the most basic knowledge of code can bypass security and expose a child’s details by using online free tools.
Pen Test Partners said in their report that there are other research centres investigating GPS tracking in devices, including Trackmageddon – a security research company.
Vangelis Stykas and Michael Gruhn said in a report that, “an attacker can use the Trackmageddon vulnerabilities to extract data such as GPS coordinates, phone numbers, device data (IMEI, serial number, etc.), and possibly personal data — depending on the tracking service and device configuration.”
Pen Test Partners tried to alert MiSafe of the issue but did not receive a response.