According to the Wyze CEO Dave Crosby said an employee was shifting the database of 2.4 million users from one server to another as a routine maintenance task and accidentally exposed it publicly. It took Wyze owners three weeks to realize that the employee’s mistake led to an exposed database for several weeks.
The data included email addresses, health data, list of cameras installed in the house, and Wifi information of the users. Crosby stated: “Our whole business models are built on customer trust. The only way this business works long term is if we build an incredible amount of trust with the customers.”
The company owner also said that the employees should re-evaluate all the security practices so that this accidental data breach won’t be repeated in the future. Wyze immediately notified all the affected users once the news out brake. The affected users were advised to change their password and to go through two-factor authentication for the installed devices.
Dave Crosby also said that “Obviously we are devastated, and very very sorry for this oversight. We will take corrective actions. We are doubling down on security.”
The Wyze data breach is the latest incident. Earlier this month a group of hackers hacked a large amount of personal data and accessed passwords of thousands of Amazon Ring camera owners. In reply to this Amazon said that the passwords were stolen by third-party apps and not Amazon’s system.
According to Riana Pfefferkorn, the associate director of cybersecurity and surveillance at the Stanford Center for Internet and Society wrote in an email to The New York Times: “Consumers should be wary of low-priced ‘smart home’ devices- what you save in money, you might pay for with a breach of your sensitive information. Besides, consumers should think twice about just how ‘smart’ they need, say, a scale to be anyway.”
Islamabad High Court warned the government officials about the malware threat.