But tech for kids isn’t all just fun and games — they also have a lot more ways to stay safe and connected to their parents than ever before. GPS trackers, in particular, are one of the most popular ways for parents to monitor children while still giving them freedom to explore their surroundings. Whether these devices are safe enough, however, is another question entirely.

Avast, the developers behind one of the internet’s most popular antivirus software, revealed a shocking new security threat in their recent cybersecurity blog post. According to their statement, critical security vulnerabilities were found in 30 GPS trackers designed for children, seniors and even pets. These trackers all originate from the same Chinese manufacturer and factory, and are often sold under different brands as part of an industry-wide practice known as “whitelabeling.” These GPS trackers, Avast says, broadcast requests like location data from its web app with no encryption, making it easy for hackers and cybercriminals to intercept the transmissions. Once inside, they could easily gain access to the device’s microphone for eavesdropping or know exactly where your kids are located. Scariest of all, this method of attack could make it easier for a hacker or child predator to change the location the GPS is broadcasting to somewhere else entirely. It’s enough to make your skin crawl! To make matters worse, Avast also discovered 50 related mobile apps that share the same unencrypted platform as the trackers. All of these apps and devices all used the same stunningly-inept password of “123456.” Yes, really.

I own a GPS tracker! Is mine at risk?

One thing uniting these devices, however, is their cheap price. While exact prices vary, the T8 Mini GPS can be picked up from various retailers for as little as $30, and all the way up to $80 for fancier branding and packaging. In this case, you are very much getting what you pay for. The most common incarnation of the device can be seen above, though appearance and size may also differ. In the future, it’s worth doing extensive research before purchasing any devices you plan to hand off to a child — or any other at-risk loved one. Since there are few explicit cybersecurity laws in effect, it’s up to both manufacturers and consumers to hold one another accountable for device security. But judging by the track record of several manufacturers, the ball is squarely in our court.