child smart watch

Millions of Children-Tracking Smartwatches Are At Risk Of Being Hacked

New findings by security firm Pen Test Partners reveal that 47 million devices worldwide could be exposed and tracked thanks to a strikingly insecure cloud platform.

  • By Haley Samsel
  • Dec 20, 2019

Throughout 2019, security researchers have discovered striking flaws about child-tracking smartwatches that could be manipulated by hackers. But new findings reported by TechCrunch show that the smartwatches had a larger problem on their hands: a very insecure common cloud platform lacking basic cybersecurity protections.

Researchers found that the cloud platform, made by Chinese electronics company and location-tracking giant Thinkrace, puts at least 47 million devices at risk of being hacked. Because each device interacts with the cloud platform either directly or through a web domain set up by a reseller, cybersecurity firm Pen Test Partners was able to all commands for the devices back to the faulty cloud platform.

“It’s only the tip of the iceberg,” Ken Munro, the founder of the company, told TechCrunch.

The firm’s findings show that most of the commands that control the devices do not require authorization, allowing hackers to gain access to a device and track its location. There is also no randomization of account numbers, allowing the researchers to access devices in bulk by increasing each account number by one.

Disturbingly, researchers were also able to access voice messages recorded and stored in the insecure cloud that were meant to be exchanged between parents and children. The device, sold by a reseller of Thinkrace’s smartwatches, is used by some five million children and parents, according to TechCrunch.

Researchers compared their findings to CloudPets, a WiFi-enabled teddy bear that left its cloud unprotected and exposed the voice recordings of two million kids.

In 2015 and 2017, Pen Test Partners disclosed the vulnerabilities to electronic makers, including Thinkrace. Some resellers fixed their vulnerable “endpoints,” TechCrunch reported, but many companies ignored the warnings, which pushed the firm to go public with its discoveries.

While consumers may not think they own a Thinkrace smartwatch, many of its devices are sold to popular companies for resale. Some of those companies include Lenovo, Vodafone, Allianz and Huawei.

That’s why Munro recommends that consumers stay away from using the devices. Users can also contact the company selling the watch to ask if their watches are manufactured by Thinkrace, and if the business depends on Thinkrace’s cloud platform.

About the Author

Haley Samsel is an Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.

Featured

  • 2025 Gun Violence Statistics Show Signs of Progress

    Omnilert, a national leader in AI-powered safety and emergency communications, has released its 2025 Gun Violence Statistics, along with a new interactive infographic examining national and school-related gun violence trends. In 2025, the U.S. recorded 38,762 gun-violence deaths, highlighting the continued importance of prevention, early detection, and coordinated response. Read Now

  • Big Brand Tire & Service Rolls Out Interface Virtual Perimeter Guard

    Interface Systems, a managed service provider delivering remote video monitoring, commercial security systems, business intelligence, and network services for multi-location enterprises, today announced that Big Brand Tire & Service, one of the nation’s fastest-growing independent tire and automotive service providers, has eliminated costly overnight break-ins and significantly reduced trespassing and vandalism at a high-risk location. The company achieved these results by deploying Interface Virtual Perimeter Guard, an AI-powered perimeter security solution designed to deter incidents before they occur. Read Now

  • The Evolution of ID Card Printing: Customer Challenges and Solutions

    The landscape of ID card printing is evolving to meet changing customer needs, transitioning from slow, manual processes to smart, on-demand printing solutions that address increasingly complex enrollment workflows. Read Now

  • TSA Awards Rohde & Schwarz Contract for Advanced Airport Screening Ahead of Soccer World Cup 2026

    Rohde & Schwarz, a provider of AI-based millimeter wave screening technology, announced today it has won a multi-million dollar award from TSA to supply its QPS201 AIT security scanners to passenger security screening checkpoints at selected Soccer World Cup 2026 host city airports. Read Now

  • Brivo, Eagle Eye Networks Merge

    Dean Drako, Chairman of Brivo, the leading global provider of cloud-native access control and smart space technologies, and Founder of Eagle Eye Networks, the global leader in cloud AI video surveillance, today announced the two companies will merge, creating the world’s largest AI cloud-native physical security company. The merged company will operate under the Brivo name and deliver a truly unified cloud-native security platform. Read Now

Most   Popular

New Products

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame.