Another day, another smart home camera system security hack, this one affecting the Seattle-based company Wyze. First reported by the Texas-based cybersecurity firm Twelve Security and confirmed by Wyze, the hack is estimated to have affected 2.4 million customers who had their email addresses, the emails of anyone they ever shared camera access with, a list of their cameras, the last time they were on, and much more information exposed. Some customers even had their health data leaked.
“Personally, in my 10 years of [system administration] and cloud engineering, I never encountered a breach of this magnitude,” wrote Dan Ehrlich, founder Twelve Security, in a post about the Wyze hack.
Wyze is a home camera system similar to Amazon’s Ring that’s more economical: Whereas the cheapest Ring indoor camera will set you back around $60 (and their flagship doorbell products start at $100), Wyze’s products top out at $30. Both companies have now experienced at least one kind of major breach — either a hack or a leak — that should raise the eyebrows of anyone considering purchasing this type of home security.
Dr. Richard Forno, assistant director of the Center for Cybersecurity at the University of Maryland, Baltimore County, told Digital Trends that these security systems leave a lot to be desired in terms of securing themselves, much less their customers. “You have to ask, are product companies doing basic Cyber 101-type security measures to make sure their costumer and priority data is protected? You have to at least do the basics,” Forno told DT. “The fact that we see so many data breaches these days shows that companies are not doing the basics, let alone their best, to minimize the breaches from happening.”
Ehrlich told Digital Trends that the lack of security on smart home camera systems, to him, amounts to gross negligence. “I know what bad security looks like,” Ehrlich said. “When I see bad security, usually you can understand why, for example, they took down a firewall, but I’ve never seen it as bad as this. Equifax should be held up as a gold standard compared to these guys,” he said, referring to the 2017 security breach of the Equifax credit reporting company that exposed the data of 147 million people.
Ehrlich said he was confident that eventually the industry will sort itself out, but right now, there just isn’t enough manpower to fix what would need to be fixed to secure smart home systems. “There’s just not the people to fix it. There isn’t the talent pipeline to fix it,” he said. “There’s not the people to secure all the stuff and look at everything that needs looking at.”
“The winning move right now is not to play,” Forno told Digital Trends, speaking about what consumers should do to better protect themselves from an almost inevitable camera hack. “Just don’t buy one.”
If a consumer is dead set on buying one of these systems, Ehrlich says “be aware that it is technically possible right now for all video taken to be exfiltrated to anyone in the world, anywhere. This is true of Wyze and a lot of other brands.”
Forno warned that these cameras are not much different than a computer, tablet, or phone, and that it’s just a fact that some companies are taking privacy more seriously than others. “The privacy on these devices is really lacking and there’s not much to do short of unplugging,” he said.
If you do purchase one, Forno said to make sure everyone in the home is aware of where it is and when it’s turned on. Also, make sure to fully unplug it when it’s not needed. “Nothing beats actually physically powering it off and unplugging it,” he said. “A modicum of common sense by the user will go a long way.”
Wyze did not immediately respond to a request for comment. This story will be updated when we hear back.
- Wyze customers hit by online data leak, company confirms
- Data leak exposes personal info of more than 3,000 Ring users
- Ring and Amazon slammed with a federal lawsuit over failed camera security
- Man hacks Ring camera in woman’s home to make explicit comments
- T-Mobile hack may have affected around a million customers
- CES 2019: Tuya Smart introduces AI home security and smart office solutions
- Smart Signal From Alarm.com Brings Enhanced Security and Control to Smart Home and Business Owners
- How to plan your smart home — and be savvy on the privacy risks
- Home smart home: Tech firms and builders focus on AI controlling your gadgets
- In rush to join smart home crowd, buyers should beware
- Hacker voice piped into Nest home security system, Phoenix man says
- How to plan your smart home — and weigh privacy risks
- Latest in home security won't leave you wired
- FBI records, emails, Social Security numbers exposed in massive data leak, security experts say
- How to make your house into a smart home
- Trump's wins on trade, NATO spending come at a cost, experts say
- Donald Trump's Space Missile Plan Is Too Expensive and Will Not Work, Just Like His Border Wall, Experts Say
- Still wondering if global warming is real? Expert says: Look for snow.
- Los Angeles, San Diego homeless estimates need context, experts say
- Donald Trump Is Keeping Promise to Withdraw From Syria So He Can Win the 2020 Election, Experts Say
- The Latest: Huawei replies to EU, says not a security risk
- California family says hacked Nest camera warned of North Korea missile attack
- Amazon’s Ring videos from inside customers’ homes viewed in cybercrime hotbed: reports
- Unsafe Britain: Research Reveals Nearly Half of UK Homes Without Security
- Risks from stolen Marriott data: espionage, ID theft, home burglaries
After latest hack, experts say smart home security systems stink at securing data have 936 words, post on www.digitaltrends.com at December 30, 2019. This is cached page on Konitono.News. If you want remove this page, please contact us.