I have some news: the Internet of Things is a mess. A hacked refrigerator sounds slightly scary, but a vibrator-controlling app that records all your sex sounds and stores them on your phone without your knowledge? That’s way worse.
Today, a Reddit user pointed out that Hong Kong-based sex toy company Lovense’s remote control vibrator app (Lovense Remote) recorded a use session without their knowledge. An audio file lasting six minutes was stored in the app’s local folder. The users says he or she gave the app access to the mic and camera but only to use with the in-app chat function and to send voice clips on command — not constant recording when in use. Other users confirmed this app behavior, too.
A user claiming to represent Lovense responded and called this recording a “minor bug” that only affects Android users. Lovense also says no information or data was sent to the company’s servers, and that this audio file exists only temporarily. An update issued today should fix the bug. We’ve reached out to Lovense to verify this comment and will update when we hear back.
This isn’t Lovense’s first security flub. Earlier this year, a butt plug made by the company — the Hush — was also found to be hackable. In the butt plug’s case, the vulnerability had to do with Bluetooth, as opposed to the company spying on users. In a separate case unrelated to the Lovense, a company called We-Vibe was sued after after its Bluetooth-enabled vibrators allegedly collected and recorded users’ personal information. The company ended up settling the class-action suit for $3.75 million. Then,
All of this is to say that if you’re going to purchase connected sex toys, do your research. Trust in the toys’ makers is essential. Still, vulnerabilities exist in any smart device, so recognize the risks before going online.
Correction 4:26 PM ET: This article previously stated that Lovense created the We-Vibe vibrator. This was incorrect, and we regret the error.