Wyze Security Camera Incident: What Happened and What’s Being Done
Recently, Wyze, a popular security camera maker, experienced a security incident during a service outage that affected a small number of customers. Here’s what you need to know about the incident and what Wyze is doing to address it:
What Happened:
During a service outage, over 99.75% of Wyze accounts were not impacted. However, some users experienced temporary disabled access to live camera feeds and event videos due to an issue with their partner AWS.
As the camera functionality was being restored, a security lapse was identified. This allowed some users to access incorrect thumbnails and event videos in their Events tab.
Approximately 13,000 Wyze users were presented with thumbnails not associated with their accounts, and 1,504 users interacted with these thumbnails, viewing event videos belonging to others.
What’s Being Done:
Wyze responded promptly by disabling access to the affected tab and launching an investigation into the incident.
To prevent future occurrences, Wyze has added a new layer of verification before users are connected to Event Videos. They have also modified their system to bypass caching for checks on user-device relationships until new client libraries are thoroughly stress-tested for extreme events.
Wyze’s Response:
Wyze acknowledged the disappointment caused by the incident and assured customers that it does not reflect their commitment to protecting customers. They highlighted the investments and actions taken in recent years to make security a top priority at Wyze.
The company has built a security team, implemented multiple processes, created new dashboards, maintained a bug bounty program, and underwent multiple third-party audits and penetration testing prior to this event.
Customer Response:
The incident sparked outrage among some users on Reddit who claimed they cancelled their accounts with the company. It’s crucial for companies like Wyze to prioritize customer trust through robust security measures.
In conclusion,
This security breach serves as a reminder of the importance of safeguarding customer data and privacy. With devices like security cameras being used as baby monitors and more, it’s essential for companies like Wyze to continuously prioritize security measures in order to maintain customer trust.
By addressing this incident transparently and taking proactive steps towards prevention in the future, Wyze can rebuild trust with its customers.