Senators have discovered that a company making AI-powered toys exposed thousands of conversations with children, raising serious privacy and security concerns.
According to a letter sent Wednesday by Sens. Marsha Blackburn (R-Tenn.) and Richard Blumenthal (D-Conn.), toy manufacturer Miko had exposed “what appears to be all of the audio responses of the toy” in an unsecured, publicly accessible database.
The senators’ staff found that anyone could download Miko’s side of thousands of conversations with children. These audio files often contained children’s names and details about their interactions with the toy.
“This basic cybersecurity lapse, and the toys’ frequent communications back to Miko, Inc., call into question whether your company adequately protects the privacy and security of children’s and the toy’s data,” the senators wrote in their letter.
Miko CEO Sneh Vaswani denied any data breach in a statement: “There has been no breach or leak of user data. Miko does not store children’s voice recordings, and no children’s voices or personal information are publicly accessible.”
However, NBC News viewed the exposed database, which appeared to contain thousands of daily responses from Miko toys to children’s questions dating back to December 2025. While the database didn’t include recordings of children’s voices, NBC News found it was possible to follow conversations based solely on the toy’s replies.
The senators’ offices discovered the exposure using publicly available tools to examine the communications a Miko toy sent over Wi-Fi. By Wednesday afternoon, after Miko was informed of the issue, the database was no longer accessible.
This isn’t the first time AI toys have raised concerns. In December, NBC News reported that several AI toys engaged in explicit sexual conversations, advised users on finding dangerous objects, and shared political sentiments aligned with Chinese Communist Party talking points.
The senators also sent letters to other AI toy makers, including Curio and FoloToy, requesting information about their data security practices. A previous version of FoloToy’s Kumma bear reportedly discussed sexual topics and provided advice on lighting matches before stricter controls were implemented.
This investigation comes as another company, bondu, faces scrutiny from Senator Maggie Hassan (D-N.H.) after reportedly exposing children’s chat transcripts through a publicly accessible portal.
Recent Comments