As an extension of the nebulus "IoT" sector - the standard of security in connected childrens toys does at this point appear to be particularly low.

The difference for me is that we read many articles about the potential for compromise of IoT devices, but at this point - a relatively low number of successful attacks relative to the wide variety of available equipment. In the toy sub-sector, we see a higher percentage of problematic technology; with some complicating factors:-

1:- The targets are more vulnerable

2:- The results of a hack bear high risk

3:- Often it's not clear that the devices might record audio or video, and transmit this elsewhere

4:- The users are highly unlikely to know security best-practise

In one case - devices are feeding back speech praising particular commerical products, of which the toy makes has a business relationship with.

As a father of two young boys I know how compelling interactive toys can be for children, and as a parent it can be extremely difficult to resist bringing technology into the house. Perhaps we should just roll back to pull-string toys until some regulation or security standards are applied across the industry...