Children's technology maker VTech says the personal information of about five million of its customers and their children may have been stolen by hackers.
The Hong Kong-based company disclosed the breach of a customer database late last week, but didn't say how many people could be affected until Monday.
The affected database includes the names, birthdates and genders of child users.
- Ashley Madison data breach may undermine privacy for everyone
- Home Depot admits 56 million cards hit by security breach
It also includes adult user information including names, email addresses, passwords, secret questions and answers for password retrieval, IP addresses, mailing addresses and download histories.
The database doesn't contain any credit card numbers.
The company says it's contacted all of the affected users by email and has temporarily suspended some of its websites as a precaution.
It has set up a number of email inquiry accounts for customers. Canadian customers can send questions to: email@example.com.
Chester Wisniewski, a senior security adviser at Sophos Canada in Vancouver, says VTech customers should not be completely reassured simply because no credit card numbers were exposed.
"Having enough information about someone to make you credible ... means that you may then be tricked into handing over a lot more information," he told CBC News. "So it's not so much about all the things that were specifically stolen but more [about] arming criminals with information about your identity that makes you likely to be victimized even more."
VTech makes a variety of popular tech-related toys including tablets and smartwatches.