Wyze leaks personal data for 2.4 million security camera users - Engadget

Sponsored Links

Engadget

You buy a home monitoring camera to improve your security, but Wyze customers might have wound up achieving the opposite. The company, which makes $20 security cameras to pepper around your home, has admitted that data on more than 2.4 million users has been exposed. A database was left exposed, allowing people to access key pieces of data, although financial information was not included.

The issue was uncovered by consulting firm Twelve Security, who announced that sensitive user data had been left exposed on the internet. This included a staggering array of personal information including email addresses, a list of cameras in the house, WiFi SSIDs and even health information including height, weight, gender, bone density and more.

The Twelve Security researcher who disclosed the issue wrote that the database of information was live and open, with anyone able to access it. They described it as the largest breach they had even seen in their ten year career, and concluded, "If this was intentional espionage or gross negligence, it remains a malicious action that must be answered in the form of a decisive, external, and fast investigation by US authorities."

For its part, Wyze responded with a series of forum posts confirming the leak but denying some parts of the Twelve Security report. "We are confirming that some Wyze user data was not properly secured and left exposed from December 4th to December 26th," the company said. It denied that it had leaked bone density information, for example, but confirmed it had leaked "body metrics" for a small number of beta testers.

Wyze says it is investigating what happened and how the leak occurred, and that it plans to send an email notification to affected customers. In the meantime, if you have a Wyze account it's a good idea to change your password and turn on two-factor authentication.

Via: Cnet

Source: Wyze, Twelve Security

In this article: data breach, gear, leak, security, twelve security, wyze

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

Comments

Share

Tweet

Share

Save

Let's block ads! (Why?)

https://news.google.com/__i/rss/rd/articles/CBMiQGh0dHBzOi8vd3d3LmVuZ2FkZ2V0LmNvbS8yMDE5LzEyLzMwL3d5emUtbGVhay0yLTQtbWlsbGlvbi11c2Vycy_SAURodHRwczovL3d3dy5lbmdhZGdldC5jb20vYW1wLzIwMTkvMTIvMzAvd3l6ZS1sZWFrLTItNC1taWxsaW9uLXVzZXJzLw?oc=5

2019-12-30 12:03:25Z
52780526848475

Wyze leaks personal data for 2.4 million security camera users - Engadget

Sponsored Links

Engadget

You buy a home monitoring camera to improve your security, but Wyze customers might have wound up achieving the opposite. The company, which makes $20 security cameras to pepper around your home, has admitted that data on more than 2.4 million users has been exposed. A database was left exposed, allowing people to access key pieces of data, although financial information was not included.

The issue was uncovered by consulting firm Twelve Security, who announced that sensitive user data had been left exposed on the internet. This included a staggering array of personal information including email addresses, a list of cameras in the house, WiFi SSIDs and even health information including height, weight, gender, bone density and more.

The Twelve Security researcher who disclosed the issue wrote that the database of information was live and open, with anyone able to access it. They described it as the largest breach they had even seen in their ten year career, and concluded, "If this was intentional espionage or gross negligence, it remains a malicious action that must be answered in the form of a decisive, external, and fast investigation by US authorities."

For its part, Wyze responded with a series of forum posts confirming the leak but denying some parts of the Twelve Security report. "We are confirming that some Wyze user data was not properly secured and left exposed from December 4th to December 26th," the company said. It denied that it had leaked bone density information, for example, but confirmed it had leaked "body metrics" for a small number of beta testers.

Wyze says it is investigating what happened and how the leak occurred, and that it plans to send an email notification to affected customers. In the meantime, if you have a Wyze account it's a good idea to change your password and turn on two-factor authentication.

Via: Cnet

Source: Wyze, Twelve Security

In this article: data breach, gear, leak, security, twelve security, wyze

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

Comments

Share

Tweet

Share

Save

Let's block ads! (Why?)

https://news.google.com/__i/rss/rd/articles/CBMiQGh0dHBzOi8vd3d3LmVuZ2FkZ2V0LmNvbS8yMDE5LzEyLzMwL3d5emUtbGVhay0yLTQtbWlsbGlvbi11c2Vycy_SAURodHRwczovL3d3dy5lbmdhZGdldC5jb20vYW1wLzIwMTkvMTIvMzAvd3l6ZS1sZWFrLTItNC1taWxsaW9uLXVzZXJzLw?oc=5

2019-12-30 11:34:09Z
52780526848475

IoT giant exposes millions of customer details online - TechRadar India

Smart device company Wyze has confirmed it accidentally exposed a database containing details from up to 2.4 million customers online.

The incident happened early in December, eventually being noticed by cybersecurity company Twelve Security at the end of the month, when it was reported by video surveillance news website IPVM.

According to Wyze, a budget vendor in smart devices such as cameras, locks, bulbs, and plugs, the database was a test environment for making information processing more efficient.

Data exposed

However, while Wyze said it was exposed in error, Twelve Security reported that details included email addresses, usernames, and security tokens - enough information for malicious third parties to take control over any smart devices affected.

Wyze has since reset its systems to help prevent that. 

The problem arose when Wyze, using Amazon Web Services to process Internet of Things (IoT) data, left security protocols off that allowed their Elasticsearch data to be accessed online. It remains a reminder to businesses that they are ultimately responsible for security when it comes to cloud computing services.

However, this isn't the first time Wyze have run into problems with user access. Earlier this year a flaw in their system allowed users to still access smart cameras that had been reassigned to another account.

Via ZDnet

Let's block ads! (Why?)

https://news.google.com/__i/rss/rd/articles/CBMiQ2h0dHBzOi8vd3d3LnRlY2hyYWRhci5jb20vbmV3cy93eXplLWV4cG9zZXMtY3VzdG9tZXItZGV0YWlscy1vbmxpbmXSAUdodHRwczovL3d3dy50ZWNocmFkYXIuY29tL2FtcC9uZXdzL3d5emUtZXhwb3Nlcy1jdXN0b21lci1kZXRhaWxzLW9ubGluZQ?oc=5

2019-12-30 10:49:00Z
52780526848475

Apparent Galaxy S10 Lite user manual confirms design, several features - Android Authority

Android Headlines

We’ve seen loads of Samsung Galaxy S10 Lite leaks in recent weeks, ranging from the design to specs and more. Now, it seems like official documentation may have confirmed some of these details.

SamMobile has obtained a user manual for the Galaxy S10 Lite (albeit in Portuguese), and it confirms a variety of rumored features. Elements seen in the user manual include a center-mounted punch-hole cutout, a triple rear camera setup, and an in-display fingerprint sensor.

The manual also shows all major buttons on the right hand side, a USB-C port at the bottom, and NFC/MST for Samsung Pay. There’s no mention of a 3.5mm port though, which means you might want to grab the Galaxy S10e if you want legacy wired audio on a cheap Samsung flagship.

Samsung’s latest device is tipped to offer a Snapdragon 855 chipset, a 6.7-inch OLED screen, 8GB of RAM, and 128GB of storage. Other rumored specs include a 32MP selfie camera and a triple rear camera setup (48MP primary, 12MP ultra-wide, and 5MP macro).

It’s believed that the Samsung Galaxy S10 Lite will be announced alongside the Note 10 Lite at CES 2020 next month. So those on the hunt for an affordable flagship might want to keep an eye on the show.

More posts about Samsung

Let's block ads! (Why?)

https://news.google.com/__i/rss/rd/articles/CBMiSGh0dHBzOi8vd3d3LmFuZHJvaWRhdXRob3JpdHkuY29tL3NhbXN1bmctZ2FsYXh5LXMxMC1saXRlLW1hbnVhbC0xMDcwMDc1L9IBTGh0dHBzOi8vd3d3LmFuZHJvaWRhdXRob3JpdHkuY29tL3NhbXN1bmctZ2FsYXh5LXMxMC1saXRlLW1hbnVhbC0xMDcwMDc1L2FtcC8?oc=5

2019-12-30 07:40:12Z
52780525641475

New York doctor sues Apple over irregular heartbeat detection - Engadget

Sponsored Links

Evan Rodgers/Engadget

The heart monitoring technology inside the Apple Watch may be useful for scientific studies and even saving lives, but one doctor believes it's also straight-up theft. New York University cardiologist Dr. Joseph Wiesel has sued Apple over allegations the Watch violates a patented method for detecting atrial fibrillation. Wiesel claimed that he shared details of the patent with Apple in September 2017, but that the company "refused to negotiate in good faith" and left him no choice but to file a lawsuit.

The doctor hopes to block Apple from using the atrial fibrillation detection method without paying royalties. We've asked Apple for comment, although it doesn't typically comment on lawsuits.

Apple is no stranger to patent lawsuits, although those frequently come from trolls that either didn't develop a given piece of technology or have no intention of putting it into a real product. This is different -- Wiesel is clearly the inventor. Still, he may face a challenging court battle. He'll have to show that Apple's technique is highly similar, and not just vaguely familiar-looking.

Via: 9to5Mac

Source: Bloomberg

In this article: apple, apple watch, atrial fibrillation, gear, health, heartbeat, lawsuit, medicine, patent, patents, smartwatch, wearables

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

Comments

Share

Tweet

Share

Save

Let's block ads! (Why?)

https://news.google.com/__i/rss/rd/articles/CBMiYmh0dHBzOi8vd3d3LmVuZ2FkZ2V0LmNvbS8yMDE5LzEyLzI5L25ldy15b3JrLWRvY3Rvci1zdWVzLWFwcGxlLW92ZXItaXJyZWd1bGFyLWhlYXJ0YmVhdC1kZXRlY3Rpb24v0gFmaHR0cHM6Ly93d3cuZW5nYWRnZXQuY29tL2FtcC8yMDE5LzEyLzI5L25ldy15b3JrLWRvY3Rvci1zdWVzLWFwcGxlLW92ZXItaXJyZWd1bGFyLWhlYXJ0YmVhdC1kZXRlY3Rpb24v?oc=5

2019-12-29 14:44:51Z
52780524654000

New York doctor sues Apple over irregular heartbeat detection - Engadget

Sponsored Links

Evan Rodgers/Engadget

The heart monitoring technology inside the Apple Watch may be useful for scientific studies and even saving lives, but one doctor believes it's also straight-up theft. New York University cardiologist Dr. Joseph Wiesel has sued Apple over allegations the Watch violates a patented method for detecting atrial fibrillation. Wiesel claimed that he shared details of the patent with Apple in September 2017, but that the company "refused to negotiate in good faith" and left him no choice but to file a lawsuit.

The doctor hopes to block Apple from using the atrial fibrillation detection method without paying royalties. We've asked Apple for comment, although it doesn't typically comment on lawsuits.

Apple is no stranger to patent lawsuits, although those frequently come from trolls that either didn't develop a given piece of technology or have no intention of putting it into a real product. This is different -- Wiesel is clearly the inventor. Still, he may face a challenging court battle. He'll have to show that Apple's technique is highly similar, and not just vaguely familiar-looking.

Via: 9to5Mac

Source: Bloomberg

In this article: apple, apple watch, atrial fibrillation, gear, health, heartbeat, lawsuit, medicine, patent, patents, smartwatch, wearables

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

Comments

Share

Tweet

Share

Save

Let's block ads! (Why?)

https://news.google.com/__i/rss/rd/articles/CBMiYmh0dHBzOi8vd3d3LmVuZ2FkZ2V0LmNvbS8yMDE5LzEyLzI5L25ldy15b3JrLWRvY3Rvci1zdWVzLWFwcGxlLW92ZXItaXJyZWd1bGFyLWhlYXJ0YmVhdC1kZXRlY3Rpb24v0gFmaHR0cHM6Ly93d3cuZW5nYWRnZXQuY29tL2FtcC8yMDE5LzEyLzI5L25ldy15b3JrLWRvY3Rvci1zdWVzLWFwcGxlLW92ZXItaXJyZWd1bGFyLWhlYXJ0YmVhdC1kZXRlY3Rpb24v?oc=5

2019-12-29 14:07:47Z
52780524654000

New York doctor sues Apple over irregular heartbeat detection - Engadget

Sponsored Links

Evan Rodgers/Engadget

The heart monitoring technology inside the Apple Watch may be useful for scientific studies and even saving lives, but one doctor believes it's also straight-up theft. New York University cardiologist Dr. Joseph Wiesel has sued Apple over allegations the Watch violates a patented method for detecting atrial fibrillation. Wiesel claimed that he shared details of the patent with Apple in September 2017, but that the company "refused to negotiate in good faith" and left him no choice but to file a lawsuit.

The doctor hopes to block Apple from using the atrial fibrillation detection method without paying royalties. We've asked Apple for comment, although it doesn't typically comment on lawsuits.

Apple is no stranger to patent lawsuits, although those frequently come from trolls that either didn't develop a given piece of technology or have no intention of putting it into a real product. This is different -- Wiesel is clearly the inventor. Still, he may face a challenging court battle. He'll have to show that Apple's technique is highly similar, and not just vaguely familiar-looking.

Via: 9to5Mac

Source: Bloomberg

In this article: apple, apple watch, atrial fibrillation, gear, health, heartbeat, lawsuit, medicine, patent, patents, smartwatch, wearables

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

Comments

Share

Tweet

Share

Save

Let's block ads! (Why?)

https://news.google.com/__i/rss/rd/articles/CBMiYmh0dHBzOi8vd3d3LmVuZ2FkZ2V0LmNvbS8yMDE5LzEyLzI5L25ldy15b3JrLWRvY3Rvci1zdWVzLWFwcGxlLW92ZXItaXJyZWd1bGFyLWhlYXJ0YmVhdC1kZXRlY3Rpb24v0gFmaHR0cHM6Ly93d3cuZW5nYWRnZXQuY29tL2FtcC8yMDE5LzEyLzI5L25ldy15b3JrLWRvY3Rvci1zdWVzLWFwcGxlLW92ZXItaXJyZWd1bGFyLWhlYXJ0YmVhdC1kZXRlY3Rpb24v?oc=5

2019-12-29 14:01:54Z
52780524654000