SEATTLE — Smart home and wireless camera company Wyze says it let customers down when it was victimized by a breach that briefly allowed 13,000 customers to see into others’ homes, according to a report by The Verge.
Wyze company leaders apologized to customers in a letter entitled “An Important Security Message from Wyze,” pointing some of the blame at its web hosting provider, Amazon Web Services.
This isn’t the first time the ultra-affordable camera manufacturer has found its network compromised, though.
In December 2020, Wyze notified its 2.4 million customers that their camera information, WiFi network details, email addresses, tokens associated with Alexa integrations and “body metrics for a small number of product beta testers” were exposed.
“The outage originated from our partner AWS and took down Wyze devices for several hours early Friday morning,” the company said in an email to customers. “If you tried to view live cameras or Events during that time, you likely weren’t able to. We’re very sorry for the frustration and confusion this caused.”
Inside the Wyze Camera Breach
Wyze’s latest breach occurred as the company was attempting to bring its cameras back online, according to The Verge. Customers were reporting seeing mysterious images and video footage in their own Events tab. Wyze disabled access to the tab and launched its own investigation, the report says.
Wyze points to “a third-party caching client library” that was recently integrated into its system as the reason behind the breach.
“This client library received unprecedented load conditions caused by devices coming back online all at once,” Wyze told its customers in the email. “As a result of increased demand, it mixed up device ID and user ID mapping and connected some data to incorrect accounts.”
According to The Verge, an estimated 13,000 people from getting an unauthorized look at thumbnails from a strangers’ homes. More than 1,500 people tapped on thumbnails to enlarge them, according to Wyze, and a few of them caught a video that they were able to view, the report says.
Wyze also claims that all impacted users have been notified of the security breach, and that more than 99 percent of all of its customers weren’t affected, according to The Verge.
The post Wyze Camera Breach Allowed 13,000 Customers See Into Others’ Homes appeared first on Security Sales & Integration.