A 21-year-old man has been arrested in the course of investigations into the case of cybercrime VTech, the company’s electronic toys for children who were hacked a few weeks ago, leaving millions of light data.

The man was arrested on suspicion of unauthorized access to a computer to facilitate the commission of a crime, and causing a computer to execute a function to enable unauthorized access to a program.

According Motherboard, the hacker explained what had happened, adding that the action wasn’t done with a malicious intent, but to show that the company engaged in children had no adequate security. Authorities arrested a 21 years suspect for the acts in Bracknell, a town 32 miles outside of London, officials said.

VTech’s data breach affected five million customers. Credit: Engadget

The man added that he was able to breach two databases, containing personal data for millions of parents and children, using a simple hacking technique called a SQL injection, in which hackers enter commands that prompt a database to dump its contents.

Currently, VTech is working with the U.S. cyber security firm FireEye to investigate the hacking incident.

Craig Jones, head of the cybercrime unit at the South East Regional Organised Crime Unit, said in a statement posted online, that officials are still in the early stages of the investigation. It was unclear what led police to the 21-year-old man, and no further details were provided.

According to an announcement made by Vtech when the incident occurred, an “unauthorized party” accessed the database of the learning application called Lodge. And although there was no banking user information or personal information data, it did have ‘general’ profile data that included names, email address and IP address. The hacked data also included names, gender and birthdays of more than 200,000 children.

Source: BBC