COLORADO SPRINGS, Colo. (KKTV) - Kids navigate the digital world at very young ages, and now many young children are playing with toys that connect to the internet.
Like the little bear, which comes with Bluetooth connection.
Parents and children can record and send messages to each other through the Internet using an app.
But earlier this year, a security researcher warned the toy's maker, Spiral Toys, that its servers weren't adequately protected - making user emails and passwords vulnerable to hackers.
Bree Fowler, Consumer Reports cyber security editor warns, "Exposing personal data could put you at risk for identity theft or even credit card fraud down the road - and the worst case scenario though very remote is that that information could be used in a child abduction."
And there are some very real instances of children's privacy being compromised by internet-connected toys.
Two years ago, a hacker attacked toy maker, VTech, exposing profiles of more than 6 million children - including names, genders and birth dates - and even more detailed profiles of about 5 million adults.
And the Federal Trade Commission recently announced it's reviewing privacy and security complaints of two internet connected toys - i-Que Robot and My Friend Cayla. The doll has been banned in Germany.
Consumer Reports says examples like these should serve as a wake-up call to families - either play it safe and enter fake names and birthdays - or skip buying these toys altogether.
Spiral Toys told Consumer Reports they saw no evidence their data was breached but took immediate action to protect the privacy of their customers.
As for VTech - they say they took swift action after their data WAS compromised. The company assures consumers they can now manage their accounts securely - and to also change their passwords as soon as possible.