Smart home camera data exposed: 2.4 million records leaked

Smart home camera data exposed: 2.4 million records leaked
© Denisismagilov | Dreamstime.com

In an age where data is treated as a commodity to be bought and sold, there’s bound to be incidents where bad people go after it to line their own pockets. That’s why data leaks are no laughing matter, and in the last year, the number of major leaks has been steadily on the rise.

In fact, some of the biggest security debacles of the past year were the result of unsecured data being discovered on the web. Whether by maliciousness or incompetence, there have been multiple leaks in 2019 that revealed highly personal user information. Tap or click to see how bad one of these massive leaks was.

But now, a new breach has many smart home owners concerned. A popular smart home camera developer was found to be hosting user information on an unsecured database. Without proper protection, this data was up for grabs. If you use this brand of camera in your home, it’s time to change your passwords.

Wyze confirms data breach potentially affecting millions of users

Users of the popular Wyze smart home camera products may have had their personal data leaked in a massive unsecured database that was stored on a Chinese cloud server.

Initially reported by cybersecurity researchers at Twelve Security, the Amazon-affiliated company had apparently moved the information of more than 2 million users to a remote database and neglected to copy over proper security features.

This information was extremely personal in nature, but thankfully didn’t include anything dangerous, like passwords or financial data. Instead, it was more focused on demographics.

RELATED: Tap or click here to learn about a recent restaurant hack that put credit card info at risk.

The leaked user information included email addresses and usernames, time zones and relative locations, email addresses of people users shared videos with, login times and session durations, Alexa access tokens, camera information like serial numbers and specific user health information.

Despite being hosted in China, none of the affected users were found to be located in the country. It is not currently known whether or not this is a simple act of negligence or something worse. The founder of Wyze went on the record to say:

We don’t have all the answers yet.

Waze founder

Am I affected by this breach? What can I do?

The issue appears to have been contained, for now. The unsecured server has since been locked, and is currently inaccessible to outsiders.

Needless to say, such a massive leak is still a genuine security crisis. To make matters worse, it doesn’t even matter if you’re a Wyze user. As long as someone with a Wyze camera shared a video with you, your email address was included in the leak.

Since no passwords or login information were stolen, it’s safe to assume email addresses may be among the most valuable data in the leak. Large collections of email addresses are often used to build spam mailing lists, so if you happened to be affected, expect an uptick in spam emails in the near future.

To protect yourself, follow the same basic protocols you would with any suspicious messages: Don’t engage, don’t download and don’t respond. That said, the fact that names and health data were included in the leak may point to more convincing spam emails.

Even if a message contains information you know to be true, ignore it. Contact the authorities and let them handle the issue through the proper channels. Attempts to deal with hackers can only result in more pain.

In the meantime, as a general precaution, you may want to consider freezing your credit just to be safe. Even the strongest security protocols are no match for stolen data and clever social engineering. Tap or click to see the benefits of a credit freeze.

Tags: Amazon, breaches, credit freeze, cybersecurity, email addresses, security, spam emails, Wyze