Quantcast
Connect with us

A huge security camera company just had a major security breach

Published

on

- Commentary

If you invest in an internet-connected security camera system, one might expect that the  makers would take security extremely seriously. After all, what consumer would invest in such a system if they were worried about hackers spying on them in their home?

This article first appeared in Salon.

Shockingly, executives at Wyze Labs, makers of a line of popular affordable security cameras, just announced that personal information from 2.4 million customers had been exposed to the public.  The breach included information like WiFi network details and customer email addresses. It is possible that an unknown third party already has these customer email addresses, making them vulnerable to spam or phishing attempts. While the company’s cameras themselves seem not to have been hacked or breached directly, having the email address for a customer is often enough to be able to hack into someone’s assorted internet accounts.

ADVERTISEMENT

As security breaches accumulate, consumers are particularly at risk if they use the same passwords and login names on different sites, as many databases of breached usernames and passwords are already public. The blog Twelve Security made the breach public the day after Christmas. Wyze executives were only made aware of it after a customer posted the blog post on a Wyze online forum. Once executives audited the breach, they discovered a second one occurred on Dec. 27.

Wyze Labs is known for their budget-friendly indoor WiFi-connected cameras, some of which cost just $20. Other cameras on the market, like the Nest or Ring, range from $60 to $200.

Details as to how the breach occurred remain unclear. The investigation into both breaches is ongoing. As the New York Times reports, “the first Wyze breach occurred after an employee created a flexible database to quickly pull user analytics.”

That employee removed the security protocols on the new database, exposing customers’ personal information. Customers’ passwords were not saved on the breached database, so hackers could not access live camera feeds, said Dongsheng Song, a co-founder at Wyze.

“We didn’t properly communicate and enforce our security protocols to new employees,” Mr. Song said. “We should have built controls, or a more robust tool and process to make sure security protocols are followed,” he added.

ADVERTISEMENT

Dave Crosby is a co-founder of Wyze, and told the Times that the employee who made the mistake is still employed at Wyze.

“It was an accident,” Crosby was quoted as saying in the New York Times. “We are very, very sorry and taking it very seriously.”

Data security expert Jennifer King, the director of consumer privacy at the Center for Internet and Society at Stanford Law School, told the New York Times this is a reminder that “consumers have zero control.”

ADVERTISEMENT

“We are definitely at the point where if we want to change anything, we need regulation,” King said.

King added that consumers are more vulnerable when data is on the cloud.

ADVERTISEMENT

“If the company isn’t necessarily practicing the best security practices you can do all you can and you’re still going to be exposed,” King said.

Another expert said the company should expect consumers to bring class-action lawsuits in the near future.

According to a Wyze Labs company blog post, all users who created an account prior to December 26th, 2019 have been affected. The company started to send emails to customers on Monday.

ADVERTISEMENT


Report typos and corrections to: [email protected].
READ COMMENTS - JOIN THE DISCUSSION
Continue Reading

Breaking Banner

WATCH: John Oliver exposes Trump’s lies about vote-by-mail — and the Fox News ‘cult’ claiming the election is already ‘rigged’

Published

on

"Last Week Tonight" host John Oliver's main story Sunday refuted President Donald Trump's latest crusade against vote-by-mail. Trump announced on Twitter that the more people who vote in an election, the more Republicans tend to lose. So, he wants fewer people to have access to the ballot in November, even if people are too scared to go out during the coronavirus crisis.

Oliver called out Missouri Gov. Mike Parson (R-MO), who outright told people not to vote if they were too afraid to vote in the local elections next week.

"Well, hold on there," Oliver interjected. "Voting is a right. It has to be easy to understand and accessible to anyone."

Continue Reading

Breaking Banner

John Oliver rips Fox News’ Tucker Carlson for urging ‘order’ from people of color — but never demanding it of police

Published

on

John Oliver opened his Sunday show, shredding Fox News host Tucker Carlson for uring "order" among protesters, but refusing to urge "order" to police and "wannabe police" who can't stop killing people.

It's a lot, Oliver explained. "How these protests are a response to a legacy of police misconduct, both in Minneapolis and the nation at large and how that misconduct is, itself, built on a legacy of white supremacy that prioritizes the comfort of white Americans over the safety of people of color."

While some of it is complicated, Oliver conceded, most of it is "all too clear."

Continue Reading
 

Breaking Banner

Cars set on fire blocks from White House as DC protests turn violent

Published

on

The Washington, D.C. protests turned violent as the city approached the 11 p.m. curfew the mayor instituted Sunday afternoon.

The policy of D.C. police is that when they are attacked, they advance forward. So, when fireworks were fired, the line of officers began pushing the protesters back further from the White House. Behind the line of police officers also stand a line of National Guard troops that President Donald Trump has demanded stand watch in the city.

Lights that normally shine on the White House have also been turned off, reporters revealed.

https://twitter.com/markknoller/status/1267291138655956992

Continue Reading
 
 
You need honest news coverage. Help us deliver it. Join Raw Story Investigates for $1. Go ad-free.
close-image