The OUI 54:70:68 is an IEEE MA-L block registered to VTech Communications Limited, the telecommunications-products subsidiary of Hong Kong-based VTech Holdings Limited, with a registry address at 23/F, Tai Ping Industrial Centre, Block 1, 57 Ting Kok Road, Tai Po, New Territories, Hong Kong. VTech is one of the world's largest makers of residential cordless phones and baby monitors, so addresses in this block most commonly belong to consumer telecom hardware — DECT 6.0 cordless handsets, Wi-Fi-connected HD baby monitors, small-business analog/IP phones, conference phones, and cordless headsets. Because VTech also runs a sizeable contract-manufacturing arm, a device bearing this prefix may instead be OEM electronics built under contract for a third-party brand rather than VTech-branded gear. The security context is the most analytically important caveat here: VTech's 2015 Learning Lodge breach exposed personal data of roughly 4.85 million parent accounts and over 6.4 million children via SQL injection against the company's own web platform, and a 2018 FTC settlement (USD 650,000) followed for COPPA/FTC Act violations including a false encryption claim. Both incidents were server-side data-handling failures, not device-firmware vulnerabilities — no public CVEs were found targeting VTech's mainstream consumer phone or monitor lines as of 2026-06-19. As with any vendor block, the absence of a 54:70:68 OUI does not prove a device is "not VTech," and OUI alone should not anchor inventory or MAC-based access control.
- IEEE assignment
- 54:70:68 → VTech Communications Limited [Confirmed] — IEEE MA-L (enrichment/registries/oui.csv line 474; maclookup.app/search/result?mac=54:70:68)
- Registry / block size
- MA-L (24-bit OUI, ~16M addresses) [Confirmed] — IEEE MA-L; not present in MA-M (mam.csv) or MA-S (oui36.csv), confirming a sole MA-L assignment
- HQ / country
- 23/F, Tai Ping Industrial Centre, Block 1, 57 Ting Kok Road, Tai Po, New Territories, Hong Kong, HK 00852 (registry address) [Confirmed] — IEEE MA-L / maclookup.app
- Assignment / registration date
- null — IEEE publishes NO registration date for MA-L blocks; a "June 23, 2022" date appearing on maclookup.app is a third-party database artifact, not an IEEE-issued fact, and is not recorded as a registration date [Unknown]
- Company status
- active [Confirmed] — VTech Holdings Limited (HKEX-listed); vtechphones.com, vtechcms.com
- Company background
- VTech Holdings Limited (founded 1976, Hong Kong; HQ Tai Po, New Territories) operates three divisions — Electronic Learning Products, Telecommunication Products, and Contract Manufacturing Services — with ~25,000 employees across ~15 countries; acquired Snom (German IP-phone brand) [Confirmed] — en.wikipedia.org/wiki/VTech
- Device types
- DECT 6.0 cordless home phones, Wi-Fi HD baby monitors, analog/IP small-business phones, conference phones, cordless headsets; may also cover OEM/contract-manufactured electronics (audio, power supplies, IoT, medical) for third-party brands [Confirmed] — vtechphones.com, vtechcms.com, en.wikipedia.org/wiki/VTech
- Security context
- 2015 Learning Lodge breach (SQL injection, ~4.85M parent + ~6.4M child records, 190 GB unencrypted photos/chat logs); 2018 FTC settlement (USD 650,000) for COPPA/FTC Act violations incl. false encryption claim. Both server-side, not device firmware. Operates a Vulnerability Disclosure Policy (VulnerabilityReporting@vtech.com / hackerone.com/vtechphones). Device-level CVEs for mainstream consumer comms lines: Unknown (none confirmed; CVEdetails vendor page lists Bezeq-OEM gateway entries, not core VTech consumer devices) [Confirmed for breach/FTC; Unknown for device CVEs] — ftc.gov, techcrunch.com, mintz.com, cvedetails.com/vendor/19984
- Related entities
- VTech Holdings Limited (parent, HKEX); Snom (IP-phone subsidiary)
- Analyst note
- A 54:70:68 OUI on a globally-administered address identifies genuine VTech-registered hardware (possibly OEM/contract-built); its absence does not mean "not VTech." Primary network risk for VTech-branded devices is operational: weak default credentials / firmware-update hygiene on Wi-Fi baby monitors, older unencrypted DECT eavesdropping, and cloud-account credential exposure tied to the historical breach — not a known device CVE.