13,000 WYZE Customers Affected By Camera Security Failure

/ 2 months ago

Despite being a tech enthusiast, I often find myself with some form of disdain towards a lot of new tech, such as NFTs, AI, and smart home devices for example, Alexa and smart home security cameras. I’m of the opinion that having a camera inside my home that is connected to the Internet is one of the stupidest things someone could do to their own home, and one of the companies behind these cameras, WYZE, has confirmed why I think this is stupid.

WYZE Security Failure

WYZE are a company that creates home security devices, mostly cameras for both inside the house and outside the house, they are seen as one of the leading choices in this particular market. Recently (Via TomsHardware) the company issued a statement regarding a security incident that occurred on 2/16/24. The company had an AWS service outage on that day that led to some customers receiving access to the wrong camera feeds from other people’s homes.

The company sent out several emails to their customers depending on how they were effected including the first to all unaffected customers, a second to “users whose event thumbnails were made available to others but not tapped on.”, a third to “users whose event thumbnails were made available to others and were tapped on.” and finally a fourth that “went out to users who had thumbnails made available to them that were not their own, but their thumbnails were not made available to others.” All of these emails can be read on forums.wyze.com.

In the emails, the company confirms that as cameras were coming back online, “around 13,000 WYZE users received thumbnails from cameras that were not their own” and of those 13,000, 1,504 users tapped on them. In most cases this only showed an enlarged thumbnail, but in some the full event video could be viewed.

WYZE claims this happened due to a third-party caching client library that was recently integrated into their system. This library received “unprecedented load conditions” caused by devices all coming back online at once and mixing up the device ID and user ID mapping.

How Will WYZE Prevent This In The Future?

To ensure that this does not happen again, WYZE has added a new layer of verification before users are connected to Event Videos, they have also modified their system to bypass caching for checks on user-device relationships until they identify new client libraries that are thoroughly stress tested for extreme events such as the one experienced on Friday.

Of course this event wasn’t malicious and for the most part, the affected customers likely have no idea who’s feed they were looking at, but it is still concerning. The key prevention here is to stop using network connected smart cameras inside your homes, outside sure, but inside? No thank you.

Topics: , ,

Support eTeknix.com

By supporting eTeknix, you help us grow and continue to bring you the latest newsreviews, and competitions. Follow us on FacebookTwitter and Instagram to keep up with the latest technology news, reviews and more. Share your favourite articles, chat with the team and more. Also check out eTeknix YouTube, where you'll find our latest video reviews, event coverage and features in 4K!

Looking for more exciting features on the latest technology? Check out our What We Know So Far section or our Fun Reads for some interesting original features.
eTeknix Facebook eTeknix Twitter eTeknix Instagram eTeknix Instagram

  • Be Social With eTeknix

    Facebook Twitter YouTube Instagram Reddit RSS Discord Patreon TikTok Twitch

  • Features

    Computex CES
    Fun Reads eTeknix Deals

Send this to a friend
})