Hackers have revealed that an internet-connected sex toy is sending intimate information back to its manufacturer for the purpose of “market research.”
The We-Vibe 4 Plus is designed to be controlled remotely through a smartphone app, so that couples can use it when they are not together. It was revealed that data from the device, such as its temperature and vibration intensity, is being collected by the manufacturer.
The privacy issue was brought to light at the Def Con hacking convention by two hackers, who use the online monikers Goldfisk and Follower. In a talk titled “The Internet of Vibrating Things,” the pair demonstrated how data is sent to We Vibe maker Standard Innovation.
Try Newsweek for only $1.25 per week
They also demonstrated that it is possible for third parties to intercept the data, as well as remotely take control of the vibrator and commit what is “potentially sexual assault.”
The presentation description stated: “As teledildonics come into the mainstream, human sexual pleasure has become connected with the concerns of privacy and security already familiar to those who previously only wanted to turn on their lights, rather than their lover.”
Standard Innovation has admitted to collecting the information but says that it is doing so for “market research purposes, so that we can better understand what settings and levels of intensity are most enjoyed.”
In a statement, Standard Innovation president Frank Ferrari said that the temperature data collected is not precise enough to know how it is being used by the user.
Ferrari said: “Our reason for collecting CPU temperature data is purely for hardware diagnostic purposes. Our EULA and privacy policy does disclose that we may collect data, but we are currently in the process of reviewing our privacy and data collection protocols in an effort to provide more transparency for our customers.”
It is not the first time that vulnerabilities with smart sex toys have been exposed. In March, security researchers demonstrated how a web-connected vibrator could be hacked. According to experts, companies too often treat security as an afterthought when producing internet-enabled devices.
Chris Boyd, an analyst at the security firm Malwarebytes, told Newsweek in an interview earlier this year: “The problem here is that many Internet of Things devices [smart devices connected to the internet] are horribly broken security-wise because it costs money to ensure a reasonable standard of protection on a product.”