Security camera startup Wyze apologizes for a breach that allowed 13,000 customers to see into other people's homes

Wyze, a Seattle-based company specializing in smart-home products and wireless cameras, blamed the breach on a "third-party caching library."

Security camera startup Wyze apologizes for a breach that allowed 13,000 customers to see into other people's homes
Wyze Cam, $26
A Wyze security camera.
  • Wyze says a breach has allowed 13,000 customers to view others' camera feeds.
  • In an online forum, Wyze blamed the issue on a caching problem with a third-party library.
  • The incident follows a 2019 data breach, which exposed 2.4 million Wyze users' data online.

Security device company Wyze has apologized to customers after a camera breach let an estimated 13,000 users see into other people's homes.

The Seattle-based company, which specializes in smart-home products and wireless cameras, blamed the incident on an "issue from a third-party caching client library" that was recently integrated into its system.

In a post on its forum, the company said: "On Friday morning, we had a service outage that led to a security incident."

"We can now confirm that as cameras were coming back online, about 13,000 Wyze users received thumbnails from cameras that were not their own and 1,504 users tapped on them. Most taps enlarged the thumbnail, but in some cases an Event Video was able to be viewed. All affected users have been notified," the email continued.

Wyze said that more than 99.75% of accounts were unaffected by the event but apologized and notified all customers.

Representatives for Wyze did not immediately respond to a request for comment from Business Insider, made outside normal working hours.

The company has suffered breaches before. In 2019, a Wyze data breach was discovered by cybersecurity firm Twelve Security and reported on by The New York Times.

The personal information of 2.4 million Wyze customers was exposed on the internet for 23 days. The data included people's usernames, emails, WiFi details, and health information, the reports said.

In September 2023, after The Verge first reported that some customers could access other cameras, The Times' review section, Wirecutter, pulled its recommendation for the security cameras.

The Times said at the time that it believed Wyze was acting "irresponsibly to its customers" by not contacting them after the breach.

Read the original article on Business Insider

What's Your Reaction?

like

dislike

love

funny

angry

sad

wow