Smart toys have big security flaws, consumer group finds

(CBS/CNET) -- Some toys on the shelves this year may have security flaws that leave them vulnerable to hacking and could put children at risk, a consumer group suggests.

Consumer safety group Which? researched smart toys for 12 months and told CBS News they found vulnerabilities in the Furby Connect, I-Que Intelligent Robot, CloudPets and Toy-fi Teddy. Researchers discovered the toys use unsecured Bluetooth connections that could be "too easy" for someone to use them to talk to a child.

"That person would need hardly any technical know-how to 'hack' your child's toy," the report warned.

Which? mentioned that Bluetooth range is usually limited to about 10 metres, so the main concern would be people close by with malicious intent. But, tech experts said it wouldn't be impossible for hackers to extend Bluetooth range.

As more toys add Wi-Fi and Bluetooth connections, regulators have kept an eye on them for vulnerabilities.

German regulators removed the My Friend Cayla smart doll from the market earlier this year after classifying it as an "espionage device." CloudPets was also criticized for leaving account information and voice recordings exposed on the internet.

Hasbro, the creators of the Furby Connect, says they take the report seriously and that children's privacy is a top priority for the company.

Creators of CloudPets, Toy-fi Teddy, and Genesis Toys did not immediately respond to a request for a comment from CNET and CBS.

This article originally appeared on CBS and CNET.