Thefirst data leakexposed customer email addresses, as well as the email addresses of those people who were given permission to view the camera feeds. A list of cameras in customers' home and tokens used to connect to smartphones and personal assistants such as Alexa were also left open for public view. That database was left exposed from December 4 until December 26.
Thebreachwas disclosed on December 26 by Twelve Security and quickly confirmed by Wyze. Twelve Security said the data breach involved 2.4 million customers worldwide. Wyze said no customer passwords or financial information was contained in the database that was left unprotected.
Wyze on Monday said a second database had also been exposed. It did not give details of what information is on that database, although it said it also did not include passwords or financial information.
As part of the response to the original data leak, Wyze logged out their customers and required them to log in again to create new tokens.
Wyze, which was started by three former Amazon employees, makes cameras that cost as little as $20, much less than the hundreds of dollars that many competing products cost. The price is one of the reasons CNN Business listed it as one of thetop tech giftsof 2019.
But as smart home devices, such as cameras, become more common, a growing number of hackers have sought to access them. Earlier this month, four families withRing cameras reported that hackershad accessed their system and talked to them. One told an 8-year old girl that he was Santa Claus, and urged her to destroy the room.
Ring, which is owned byAmazon(AMZN), said the system invasion was not the result of a breach or failure of Ring's security. Instead, it said the hackers had likely gained access to the family's account through weak or stolen login credentials.
Comments
Post a Comment