If You Have A Wyze Security Camera, Your Data Is Likely In The Wild

I guess we can’t end 2019 without talking about yet another company who somehow managed to leak data that’s tied to its customers. From CNET:

Security camera startup Wyze has confirmed it suffered a data leak earlier this month that left the personal information for millions of its customers exposed on the internet. No passwords or financial information was exposed, but email addresses, Wi-Fi network IDs and body metrics for 2.4 million customers were left unprotected from Dec. 4 through Dec. 26, the company said Friday.

The data was accidentally left exposed when it was transferred to a new database to make the data easier to query, but a company employee failed to maintain previous security protocols during the process, Wyze co-founder Dongsheng Song wrote in a forum post. “We are still looking into this event to figure out why and how this happened,” he wrote…

Among the data exposed in the Wyze leak was the height, weight, gender and other health information for about 140 beta users participating in testing of new hardware, Wyze said.

Amazing. And by amazing, I mean that this leak is amazingly bad. Why was this information needed from beta testers? That’s what I would like to know for starters. But back to the core issue. I’ve said it before and I will say it one more time. There need to be stricter laws to punish companies who let this sort of thing happen. Otherwise companies will just continue to do dumb stuff or not care about the security of the data that they are entrusted with. And customers will suffer as a result. Thus seeing as Wyze appears to be US based, I hope that some congressional committee decides to take a look at this, or somebody like the FTC decides to investigate Wyze and slap them silly. Because this nonsense has to end.

Leave a Reply

%d bloggers like this: