We're guessing you never thought you'd see the day when hacking would extend to bathroom appliances. But in a world of smart devices, it's pretty much bound to happen. Granted, hackers wouldn't necessarily be hacking into your smart toilet to extract personal information (at least let's hope not…). But they could take control of it at some pretty inconvenient moments.

The software security firm Trustwave has discovered a glaring security flaw in the $5,686, high-tech, luxery Satis toilet from LIXIL. The toilet uses a Google Android app through Bluetooth, and the pin number for every device is auto-set to 0000, which cannot be reset by the user. So technically, any phone with the My Satis Android app could activate any one of the toilets.

Trustwave reveals that hackers could repeatedly flush a toilet to drive up the water bill, remotely open and close the lid, or even activate the bidet — which could, quite literally, scare the crap out of anyone using it.

“It's easy to see how a practical joker might be able to trick his neighbours into thinking his toilet is possessed as it squirts water and blows warm air unexpectedly on their intended victim, but it's hard to imagine how serious hardened cybercriminals would be interested in this security hole,” security expert Graham Cluley told the BBC. “Although this vulnerability seems largely harmless, what's clear is that companies building household appliances need to have security in mind just as much as computer manufacturers.”