“Pleeeease?!” Buying a quick gift or giving in to your child’s pleas for a new toy is quickly becoming a more serious decision. In the age where toys can happily entertain kids by talking to them, the few precious moments those toys buy parents may not be without risk. It’s possible for anyone within an internet-connected toy’s Bluetooth range to connect to the toy and receive their audio recordings, while being up to 100 feet away. For example, in December 2015, VTech allegedly exposed the personal information of 6.4 million children, which included their names, genders and birthdays. Stealing a child’s personal information is, at the very least, concerning. However internet-connected toys come with an additional danger—localized hacking. Just look at Cayla, an internet-connected fashion doll manufactured and sold by Genesis Toys. My Friend Cayla answers fact-based questions, plays games, reads stories, and even solves math problems. Genesis uses third-party voice-recognition software by U.S.- based company, and the doll requires an iOS/Android application to use the software. The doll’s mobile application researches and supplies Cayla with factual answers to questions, but it also prompts children to set their physical location, parents’ names and school name.