The More You Know: Smart devices in the home can lead to a data breach

Smart technology has become ingrained in countless facets of everyday life.  With the conveniences inherent in this come more and more cyber security risks.  Wyze, a company that offers home cameras and other smart devices, recently experienced a data breach reportedly caused by the inability of Amazon Web Service (AWS) servers to handle an outage that led to corrupt user data.  As a result, customer feeds got all discombobulated and over 13,000 people received images from cameras in homes not their own.

Due to this trouble with their web host provider, Wyze has sent out several rounds of emails to all their customers to alert them of the incident and the company’s plans to prevent any recurrence.  Originally, Wyze thought only 14 customers saw these thumbnails, before the number swelled.  Accordingly, Wyze has added “a new layer of verification before users are connected to Event Video,” as well as modifying their systems to “bypass caching for checks on user-device relationships until we identify new client libraries that are thoroughly stress tested for extreme events.” 

While risks are intrinsic in all business relationships with third-party suppliers, this is just all the more to make sure your sensitive data is protected in the event something does go wrong in the supply chain.  Especially when, as in Wyze’s case, one has already experienced data breaches in recent years.  In 2022, Wyze faced and eventually settled a class action lawsuit for concealing a vulnerability that hackers exploited to see images and videos in memory cards. 

This incident in particular is a perfect illustration of the inevitably of data breaches.  Sometimes these things just happen.  Perhaps the only extra safeguard Wyze could have prepared for this kind of breach is the step they are taking now – to provide that layer of verification before establishing connection.  Rather than surrender to this inevitably, however, it becomes all the more crucial to make sure every conceivable avenue of attack is blocked, compliance standards are met, and incident response measures are in place to handle a security situation and mitigate damage.  And when data does get exposed, whether through malicious intent or technical trouble, it is also critical to have strong data encryption.  NetLib Security’s Encryptionizer offers such a solution, transparently encrypting your stored data out of the box across all environments – physical, virtual and cloud.

Little explanation is required to understand the breach of privacy that is strangers suddenly seeing an image inside your home.  Customers have rights pertaining to the security of their data must make sure to hold their vendors accountable as well.  Because if you’re not looking out for your own data safety, there’s a chance that no one is.

By: Jonathan Weicher, post on February 28, 2024
Originally published at: https://www.netlibsecurity.com
Copyright: NetLib Security