AI Toy’s Exposed Admin Panel Risked Children’s Personal Data and Conversations
Security researchers Joseph Thacker and Joel Margolis uncovered a critical security flaw in the Bondu AI toy, exposing an unsecured admin panel that could have leaked sensitive data from tens of thousands of child users. While investigating the toy for a neighbor, Margolis discovered an exposed domain (console.bondu.com) in the mobile app’s backend, which led to a "Login with Google" button intended for parents but granting unrestricted access to Bondu’s core admin dashboard.
Once inside, the researchers found full access to children’s conversation transcripts, personal details, and device data, including:
- Child’s name, birth date, and family member names
- Likes, dislikes, and parent-defined objectives
- Toy’s given name and past interactions (used for AI context)
- Device location (via IP), battery status, and firmware controls
The toy’s AI, powered by OpenAI GPT-5 and Google Gemini, used this data to tailor responses; the researchers noted that the collection was technically disclosed in Bondu’s privacy policy, which most users are unlikely to read. Beyond the authentication bypass, they also identified an Insecure Direct Object Reference (IDOR) vulnerability that allowed any child’s profile to be retrieved simply by guessing its ID.
The flaw was accessible to anyone with a Google account, though the researchers limited their access to validation only. After responsibly disclosing the issue to Bondu’s CEO via LinkedIn, the company took down the console within 10 minutes and launched an investigation. Logs confirmed no unauthorized access beyond the researchers’ testing, averting a potential data breach. Bondu also initiated a bug bounty program and collaborated with the researchers to address additional risks.
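An added example, not Bondu’s code: the two failures described above (a sign-in that granted console access to any verified Google identity, and a profile lookup with no ownership check) modelled as a tiny in-memory backend in Python, each beside the check that would have closed it, plus the refused-read counter a defender would alert on to catch ID guessing. All identities, profile IDs and the allowlist are constructed.

```python
# Added example (not Bondu's code): the two authorization failures described
# above, modelled as a tiny in-memory backend, each beside the check that
# would have closed it. All identities, IDs and the allowlist are constructed.
from collections import Counter
from dataclasses import dataclass

@dataclass
class Principal:
    email: str                      # identity the IdP asserted after token verification
    roles: frozenset = frozenset()  # roles issued by the IdP or the app's own store

# Constructed records: child profiles keyed by a small, guessable integer ID.
CHILD_PROFILES = {
    101: {"name": "Alice", "parent": "alice.parent@example.com"},
    102: {"name": "Bob", "parent": "bob.parent@example.com"},
}
ADMIN_ALLOWLIST = {"ops@example.com"}   # assumed: accounts allowed on the console
DENIED = Counter()                      # email -> count of refused profile reads

def admin_login_vulnerable(p: Principal) -> bool:
    # Any verified Google identity reaches the console: the "Login with
    # Google" step proved who the caller was but never asked whether they
    # were allowed in. Authentication was treated as authorization.
    return bool(p.email)

def admin_login_hardened(p: Principal) -> bool:
    # Authorization is a separate decision against an explicit allowlist
    # or an admin role; an unknown but valid identity gets nothing.
    return p.email in ADMIN_ALLOWLIST or "admin" in p.roles

def get_child_vulnerable(p: Principal, child_id: int):
    # IDOR: the record is returned to whoever supplies a valid ID.
    return CHILD_PROFILES.get(child_id)

def get_child_hardened(p: Principal, child_id: int):
    # Ownership check: only the parent on the record, or an admin, may read it.
    rec = CHILD_PROFILES.get(child_id)
    if rec is not None and (rec["parent"] == p.email or admin_login_hardened(p)):
        return rec
    DENIED[p.email] += 1   # refused reads are the signal for ID guessing
    return None            # same answer for "missing" and "not yours"

def enumeration_suspects(threshold: int = 3) -> list:
    # Accounts whose refused reads reached the threshold; a defender alerts on
    # these, since legitimate parents rarely request IDs that are not theirs.
    return sorted(e for e, n in DENIED.items() if n >= threshold)
```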
Despite the swift response, Thacker expressed concerns about AI toys, stating the incident shifted his stance on their safety. He highlighted risks of uncontrolled AI access in homes, noting that even well-intentioned designs could introduce vulnerabilities. Bondu’s website previously emphasized its 18-month beta testing with no reported safety issues, but the incident underscores the broader challenges of securing AI-driven children’s products.
Source: https://thecyberexpress.com/security-researcher-finds-ai-toy-admin-panel/
Bondu TPRM report: https://www.rankiteo.com/company/theaitoycompany
OpenAI TPRM report: https://www.rankiteo.com/company/openai
Google TPRM report: https://www.rankiteo.com/company/google-ai-page
{
  "id": "opethegoo1769726523",
  "linkid": "openai, theaitoycompany, google-ai-page",
  "type": "Vulnerability",
  "date": "1/2026",
  "severity": "85",
  "impact": "4",
  "explanation": "Attack with significant impact with customers data leaks"
}
{
  "affected_entities": [
    {
      "customers_affected": "Tens of thousands of child users",
      "industry": "Consumer Electronics, AI, Toys",
      "name": "Bondu AI Toy",
      "type": "AI-driven children's toy"
    }
  ],
  "attack_vector": "Authentication Bypass, Insecure Direct Object Reference (IDOR)",
  "data_breach": {
    "data_exfiltration": "No confirmed exfiltration beyond researchers' validation",
    "personally_identifiable_information": "Child’s name, birth date, family member names, device location (via IP)",
    "sensitivity_of_data": "High (children’s personally identifiable information)",
    "type_of_data_compromised": "Children’s personal data, conversation transcripts, device data"
  },
  "description": "Security researchers Joseph Thacker and Joel Margolis uncovered a critical security flaw in the Bondu AI toy, exposing an unsecured admin panel that could have leaked sensitive data from tens of thousands of child users. The flaw allowed unrestricted access to children’s conversation transcripts, personal details, and device data via an exposed admin panel with a 'Login with Google' authentication bypass and an Insecure Direct Object Reference (IDOR) vulnerability.",
  "impact": {
    "brand_reputation_impact": "Potential reputational damage due to exposure of children’s sensitive data",
    "data_compromised": "Children’s conversation transcripts, personal details (name, birth date, family member names), likes/dislikes, parent-defined objectives, toy’s given name, past interactions, device location (via IP), battery status, firmware controls",
    "identity_theft_risk": "High (children’s personal data exposed)",
    "operational_impact": "Admin panel taken down within 10 minutes of disclosure",
    "systems_affected": "Bondu AI toy admin panel, mobile app backend"
  },
  "investigation_status": "Resolved (logs confirmed no unauthorized access beyond researchers' testing)",
  "lessons_learned": "AI-driven children’s products require stringent security measures to prevent unauthorized access to sensitive data. Authentication bypasses and IDOR vulnerabilities can lead to significant privacy risks.",
  "post_incident_analysis": {
    "corrective_actions": "Admin panel taken down, bug bounty program launched, collaboration with researchers to address additional risks",
    "root_causes": "Unsecured admin panel with 'Login with Google' authentication bypass, IDOR vulnerability allowing unauthorized access to child profiles"
  },
  "recommendations": "Implement stricter access controls for admin panels, conduct regular security audits, enhance transparency in data collection practices, and establish bug bounty programs to identify vulnerabilities proactively.",
  "references": [
    {"source": "Security researchers Joseph Thacker and Joel Margolis"}
  ],
  "response": {
    "containment_measures": "Admin panel taken down within 10 minutes of disclosure",
    "incident_response_plan_activated": "Yes",
    "remediation_measures": "Launched bug bounty program, collaborated with researchers to address additional risks"
  },
  "title": "AI Toy’s Exposed Admin Panel Risked Children’s Personal Data and Conversations",
  "type": "Data Exposure",
  "vulnerability_exploited": "Unsecured admin panel, IDOR vulnerability"
}