Researchers from cybersecurity company Checkmarx have reported how LeapFrog’s LeapPad Ultimate, a tablet made for children between the ages of 3 and 6, had flaws that could’ve let attackers intercept information from the devices, locate them and send messages to young users.
The Checkmarx report stated that the LeapPad Ultimate tablet was sending information over an insecure internet connection, which could’ve revealed children’s names, genders and approximate ages. A LeapPad Ultimate application called Pet Chat also made it possible to find a tablet’s location and other device information.
According to Checkmarx, LeapFrog quickly took steps to fix the problems, including removing the Pet Chat application from its store. That of course leaves the possibility that older versions of the tablet might still have Pet Chat installed.