No company is immune from hackers—even a toy company. Hong Kong based VTech got hit by a hacker recently. This company makes techy educational toys for kids, and its database got breached.

Customers go to the Learning Lodge store and download content to their children’s VTech devices. The devices for downloading to are a tablet, watch and action camera.

But recently, this gateway store was attacked.

Some customers’ private information—now in the hands of the hacker—may put them at risk for being victims of identity theft or even a crime against their children. The customer database is comprised of people from many countries including the U.S., UK, Canada, China, Latin America, France and Australia.

The hacker anonymously contacted the company to reveal what was stolen: customers’ names, their kids’ names and birthdates, passwords, e-mail addresses, IP addresses, home addresses and even their secret question. And we all know that hackers have been known to find the answer to a secret question by perusing the potential victim’s Facebook posts!

At least credit card information wasn’t leaked.

But imagine how unnerving it is to know that someone out there has your mailing address, IP address, children’s names and birthdates. Oh, and it doesn’t stop there. The hacker revealed that photos of kids were also leaked.

Customers were notified and since, VTech has made changes to the attacked website in the name of preventing another breach, though it’s not publically known what those changes were.

Many toys and gadgets for kids are connected to the Internet. But don’t let fear of data breaches stop you from buying educational devices for your kids. Today’s connected toys offer a whole new educational experience.

• Google the gadget to see if it was ever hacked or has “vulnerabilities.”
• Immediately scan the product once purchased.
• The toy should be connected only to a secure Wi-Fi network.
• Keep its software and firmware updated regularly.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

If you’re going to drone on and on about how you got hacked by a cyber thief, maybe it’s because you played with your new drone—you know, those rad little flying devices that hover via remote control over your street? Yes, they are hackable.

If you don’t have a drone, don’t be surprised if you get one as a gift this season, as Americans are spending tens and tens of millions of dollars on them.

First off, if you spot a drone, before you go, “Wow, cool, there’s a drone! Kids, come look at this!” consider the possibility that it’s spying on you.

Drones can be connected to the Internet and also have a camera—two ways the cyber crook could spy on you. If something is connected through Wi-Fi, it can hacked, and this includes wireless Bluetooth.

So this means that your drone or your kids’ drone could get hacked into. To guard against this, you must continually keep its firmware updated, and use a password-protected Wi-Fi.

So even though the drone is your nine-year-old’s “toy,” it’s a potential gateway for hackers to slither their way into your bank account, medical records and online accounts. And since the drone can be the hacker’s portal, so can your child’s other remote controlled, Wi-Fi connected devices.

Every device, even a remote controlled car that’s connected to Wi-Fi, should at a minimum have the latest software updates or in some cases have security software to protect against viruses and other malware and also phishing scams.

And it’s not just thieves who want to hack into your personal affairs to get your money. A hacker may be a pedophile, seeking ways to find victims.

A hacker could get in even through an application you just downloaded. Before downloading anything, you should read what the app has access to. You may be unknowingly granting permission for the app to access e-mails or turn on cameras.

Anything that’s “smart” – not just the smartphone, smartdrone, Ebook or tablet – can be a portal to a cybercriminal. This means that smartwatches are on this list. So are those fitness trackers you put on your arm. A hacker could get into your phone via that device on your upper arm that’s tracking your heart rate.

So before you do the “cool!” thing, first do the “security!” thing. Be mindful of what you purchase and the measures you take to protect it.

A group of people who are actively collaborating to commit identity fraud is known as an identity fraud ring. These rings are generally made up of two or more career criminals, often including family members or close friends. These rings work by members either stealing a victim’s identity or sharing personal information such as a date-of-birth or Social Security number. Though many fraud rings occur in large cities, there are a surprisingly high number of rings found in rural areas.

According to Bergen County Prosecutor John L. Molinelli, recently, twenty people from Pennsylvania and New Jersey were charged as part of a highly sophisticated identity theft ring. The group used several stolen ID’s to open new bank accounts and then negotiate counterfeit and fraudulent checks.

These new arrests were based on information obtained through an ongoing investigation, which began after a previous arrest of a member of the ring, Miokar B. Wehye. This arrest occurred after a nearly year-long investigation after accusations of fraud and identity theft began coming in from Bergen County business owners.

According to Molinelli, the investigation showed that Wehye created a scheme that allowed his group to steal more than $100,000 from their victim’s bank accounts. The prosecution team alleged that Wehye and his group changed their victim’s addresses, opened new bank accounts in their names, and by using counterfeit checks, made illegal withdrawals from these accounts. The group also applied for business loans in the names of their victims.

Though you may think this will never happen to you, the truth is, it can. Anytime you apply for any type of personal or business loan online, it makes you more susceptible to becoming a victim of identity theft. The system of identification that is currently used has flaws, and the Internet makes it quite easy for criminals to get approval when they are not conducting a face-to-face transaction.

Identity thieves can easily change a mailing address and begin diverting documents away from you and directly to themselves. All it takes is a Change of Address request to the US Postal Service, and your mail can be forwarded to a new destination address, and this change may be permanent or temporary. Currently, anyone can change anyone else’s address simply by filling out a form online or even in person at a local post office.

Fortunately, arrests like Wehye’s help police to breakup these rings, and in this case, it led to fraud charges against almost two dozen people, which means there are 20 people who are off the streets and unable to steal your personal identity, for now. Each of these people have been charged with conspiracy to traffic in the personal identifying information of another, which is a second-degree crime. Wehye, and his accomplice Rachel Horace, were charged with receiving a stolen vehicle, too, as at the time of their arrests they had a 2015 Range Rover which was stolen at gunpoint from its owner in Elizabeth, New Jersey.

Though these people are off the streets, there are still dangerous people out there, so make sure you remain vigilant about your identity.

As the holiday shopping season quickly approaches, identity thieves are quickly looking for their next victims. In Indiana, government officials are taking steps to stop these thieves in their tracks. Just recently, the state’s Attorney General Greg Zoeller was in Fort Wayne to announce the launch of “Freeze Identity Thieves.”

This program, which is designed to protect consumers who may become victims of identity theft, allows people to freeze their credit online, for free. And it’s been around since 2008. He just figured it out.

This past year, there were reports of more than 400 data breaches in the state, which allowed for the exposure of financial and personal information. In addition, there were more than 1,000 identity theft complaints filed. Zoeller does not want this number to get any higher.

Why is Indiana such a big target? I suspect it’s due to a couple of reasons. First, I think they may simply be a bit behind on the available security upgrades. This is a simple fix, fortunately, as long as the state begins to improve their security policies. Another reason is that there could be an individual or even an identity theft ring that is wreaking havoc on residents of the Hoosier state.

Zoeller urges every resident in Indiana to assume that their information has been compromised. Agreed. Actually, if you are a US citizen, with the billion plus records breached, consider your identity stolen. Though you may not be a victim of identity theft at this point, it may be a good idea to freeze your credit information now, so you do not become a victim of identity theft later.

You may be wondering if this action will work, or if freezing your credit reports is enough to prevent identity theft. The answer is yes. This type of credit freeze is something that all states adopted in February 2008 and in my opinion, and it will lock down your credit report, which will prevent fraud.

Brief FAQ About Credit Freezing

When is it a good idea to freeze my credit?

If you are 18 years old or older and have a credit report, you should freeze your credit. You should also freeze it if you are under the age of 18 and your identity has been stolen in the past.

What should I consider before ordering a freeze on my credit?

Don’t consider anything, just do it. Your credit should be frozen across the board, even though lenders have been trying to prevent this. Why? Because they would be unable to give out instant credit, and it would “gum up” the lending system.

What does it cost to freeze a credit report?

Depending on where you live, it costs between $0 and $15 to freeze your credit report. To apply for a new line of credit, you will pay between $0 to $5 to thaw the report.

Where can I freeze my credit report?

You can freeze your credit report by contacting the three main credit bureaus by following the links, below:

Equifax

Transunion

Experian

Credit freezing stops an identity theft from using stolen information, such as a Social Security number, from accessing and racking up credit in your name. Once the freeze begins, you can lift it at any time, such as when you need a new loan or want to apply for a new credit card. Also, just because your credit report is frozen, it does not mean that you cannot use your present credit.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

Wow, a lawyer in Memphis got scammed by his secretary—she embezzled over $362,000 from him, says an article on wreg.com. Attorney Jerry Schatz hired Teresa Sumpter, 48, in July of 2013.

Little did he know that his assistant would end up stealing checks from his trust account, forging her signature on them, and opening three credit cards—all in his name. And she named herself as an authorized user.

And what did this conniving little pill do with the stolen money? Sumpter bought several vehicles, paid some bills and purchased some miscellaneous things.

After her arrest she was charged with six counts of identity theft, two counts of forgery and two counts of theft of property.

So you see, the “bad guy” is sometimes a woman. It happens more often than you think, too. An article at sacbee.com tells the case of Natashia Adams Lugo, 31, whose dirty deeds of identity theft got her a sentence of almost 15 years in a state prison.

Lugo had been employed by Job Journal LLC. Then she was fired. So she decided to get some revenge by using her former employer’s bank checking and routing numbers to polish off $40,000 of personal debt. How could she not have known that her criminal act would easily be traced back to her?

Lugo also stole $17,200 from the Job Journal’s bank account to fund her child support account. Once again, the question blares: How could she have been dumb enough to commit a crime so traceable back to her? Some times these criminals aren’t so savvy, other times they are. Regardless, the employers usually never see the money again.

Prior to the Job Journal employment, Lugo had worked for Balanced Body, which fired her. You guessed it: After being fired, she used the company’s personal identifying information, as well as that from some of its patrons, to steal over $11,000.

Businesses need to beware of firing employees. But the logistics of protecting themselves from these kinds of crimes can be enormous. Big companies can’t close out their bank accounts and open new bank accounts every time someone is fired. Maybe small companies can, that hardly ever fire anyone, but the bottom line is that businesses just have to keep their fingers crossed whenever they give someone the pink slip.

The big thing is to hire forensics accountants to look at your books, frequently. Especially in family owned businesses. Sad, but true.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

If the person you are sending an e-mail to pretty much instantaneously receives it, how on earth can you unsend or cancel it? Well, you have several options.

Criptext

• This is a browser plug-in that works for Chrome and Safari.
• Your message including attachments will be encrypted.
• You will know when it’s been opened.
• You can recall messages and assign them expiration times. The recall, of course, comes after the recipient has possibly opened the message, but if they’re, for instance, away from their computer when it comes in, and you recall the e-mail, they will never know it was there. Or maybe they will have seen it and decided to open it later, and when that time comes, they see that it has vanished and think they’re going crazy.

UnSend.it

• Like Criptext, this plug-in will let you know when messages have been opened. In addition, it allows you to recall them and also set expiration times.
• Missing, however, is the encryption feature.
• It’s compatible with more browsers than is Criptext.

What about Gmail users?

• Enable the “Undo Send” feature as follows.
• In the upper right is a gear icon; click on it.
• Select Settings to bring up the “General” tab.
• Scroll to Undo Send.
• Click checkbox for Enable Undo Send.
• You can choose a cancellation time of five, 10, 20 or 30 seconds. A grace period of only five or 10 seconds doesn’t make much sense, so you may as well choose 30 seconds unless you routinely need recipients to receive your messages less than 30 seconds after you send them.
• Hit Save Changes.

Virtru

• This plug-in is compatible with Chrome and Firefox.
• Those with Yahoo, Gmail or Outlook accounts can use it.
• For $2/month, you can have message recall and self-destruction, along with message forwarding.
• The free version does not offer any kind of recall or cancellation features, only secure messaging.

Are you a cyber-blabber? Even a post about your daily afternoon foray to the sub sandwich shop could get you in trouble: A burglar reading this knows when to rob your house. But it doesn’t end there. STOP THE MADNESS!

The Giants: Facebook and Twitter

• Be careful what you post on Facebook and tweet about. It can be used against you in court, even something as innocuous as: “I’m training for my very first 10K.” Not good if you’re suing someone who hit your car for back pain and suffering.
• Lawyers will take the time to scroll the Facebook timeline and your tweet history for evidence that can kill your case.

Reputation and Safety

• Seemingly harmless posts and tweets can indicate to burglars when it’s a good time to break into your house.
• Worse, posts and tweets can indicate to pedophiles when and where to lure your child into their car.
• Less malevolent, but potentially annoying though, are the data mining companies that piece together your tidbits to then design an ad campaign targeted towards you.
• Are your posts replete with language? This won’t look good to a potential employer. Nor will endless posts about how fatigued you always are.
• That image of your young child’s specially hand-crafted spanking paddle won’t go over well with the mother you were recently interviewed by for a nanny position.

I think you are starting to get it.

Obsessions

• Facebook and Twitter can certainly amplify a pre-existing whacked sense of priorities. An example is that of obsessively checking your friend’s page to see what new thing she’s bragging about, then getting worked up with anger that you can’t match this, such as a new sports car.

Solutions

• Set a timer out for, say, 30 minutes a day, and that’s your limit on Facebook and Twitter.
• Avoid social media for one week to kill your hunger for obsessing over a family member’s bigger house, fancier car and more prestigious job.
• Set your privacy settings on high.

Stop making inane posts about everything that happens to you. Nobody will go to bed in distress just because they didn’t read that you had an upset stomach after eating too much at BurgerVille.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.