Wyze data breach may have exposed 2.4 million users personal information


TAMPA, Fla. (WFLA) – Wyze Labs, the maker of affordable home security cameras and smart home devices, has reportedly suffered a massive data breach, CNN reported.

Security consulting firm Twelve Security first discovered the breach on Dec. 26 and said they found an open path to the company’s Elasticcsearch database, which contained the personal information of more than 2.4 million Wyze customers.

The compromised data included users’ email addresses and Wi-Fi network names, as well as the nicknames, model numbers and lists of cameras in customers’ homes and tokens used to connect smartphones and personal assistants, such as Amazon’s Alexa.

Wyze’s co-founder and chief product officer Dongsheng Song, confirmed the breach on Friday, and said that user data had been left exposed from Dec. 4 to Dec. 26 due to a human error.

“We copied some data from our main production servers and put it into a more flexible database that is easier to query. This new data table was protected when it was originally created,” Song said. “However, a mistake was made by a Wyze employee on December 4th when they were using this database and the previous security protocols for this data were removed.”

Song said no passwords or financial information were exposed and that home addresses should be safe, even though some email addresses were exposed.

Song said that although health information such as height, weight, gender, and bone mass was compromised, it only belonged to about 140 beta testers that were using products still under development.

Song warned customers to be aware of spam and phishing attempts and said the company already logged out their customers and required them to log in again.

“You will need to log back in and relink your Alexa, Google Assistant, or IFTTT integrations if you use these services and haven’t done so yet,” Song said.

“We’ve always taken security very seriously, and we’re devastated that we let our users down like this,” Song added. “For now, we’ll say that we are very sorry for this oversight and we promise to learn from this mistake to make improvements going forward.”


Copyright 2020 Nexstar Broadcasting, Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

Latest Videos

More Video

Trending Stories

get the app

News App

Weather App

Don't Miss

More Don't Miss