Teacher
Professional
- Messages
- 2,670
- Reaction score
- 779
- Points
- 113
A problem in the system opened up access to other people's cameras.
Owners of Wyze surveillance cameras faced an unusual and disturbing problem: they were granted access to other people's cameras and even received notifications about events in other people's homes. Wyze co-founder David Crosby confirmed the information to The Verge, explaining that due to problems, some users could see thumbnails of videos from other people's cameras in the "Events" section of the app.
According to Wyze representatives, the problem appeared after a service failure caused by an error on the Amazon Web Services (AWS) side. In a post on the Wyze forum, Crosby noted that due to the overload of the company's servers, user data was corrupted, which led to a security vulnerability. As a result of the crash, users got access to viewing thumbnails of videos belonging to other accounts, but they could not get access to the videos themselves or live broadcasts. According to Crosby, 14 such incidents were identified, after which the "Events" section was temporarily disabled.
Wyze has announced its intention to notify all affected users and has already taken measures to strengthen security, including forcing all recently active users to log out of the app in order to reset their access tokens. Crosby assured that the company will explain in detail the reasons for the incident and take additional steps to prevent similar incidents in the future.
It is worth noting that this incident is not the only case of violation of the privacy of Wyze camera owners. Last year, Wyze customers experienced an unexpected outage. Their devices began to record an extraneous video stream, that is, an image from other cameras was broadcast to the screen. According to technical support, this was due to a problem with web caching.
And in 2019, Wyze confirmed a data leak from the server, as a result of which the personal information of about 2.4 million customers was found on the network. Customer email addresses, names of security cameras, and WiFi network SSIDs were disclosed, among other things.
Owners of Wyze surveillance cameras faced an unusual and disturbing problem: they were granted access to other people's cameras and even received notifications about events in other people's homes. Wyze co-founder David Crosby confirmed the information to The Verge, explaining that due to problems, some users could see thumbnails of videos from other people's cameras in the "Events" section of the app.
According to Wyze representatives, the problem appeared after a service failure caused by an error on the Amazon Web Services (AWS) side. In a post on the Wyze forum, Crosby noted that due to the overload of the company's servers, user data was corrupted, which led to a security vulnerability. As a result of the crash, users got access to viewing thumbnails of videos belonging to other accounts, but they could not get access to the videos themselves or live broadcasts. According to Crosby, 14 such incidents were identified, after which the "Events" section was temporarily disabled.
Wyze has announced its intention to notify all affected users and has already taken measures to strengthen security, including forcing all recently active users to log out of the app in order to reset their access tokens. Crosby assured that the company will explain in detail the reasons for the incident and take additional steps to prevent similar incidents in the future.
It is worth noting that this incident is not the only case of violation of the privacy of Wyze camera owners. Last year, Wyze customers experienced an unexpected outage. Their devices began to record an extraneous video stream, that is, an image from other cameras was broadcast to the screen. According to technical support, this was due to a problem with web caching.
And in 2019, Wyze confirmed a data leak from the server, as a result of which the personal information of about 2.4 million customers was found on the network. Customer email addresses, names of security cameras, and WiFi network SSIDs were disclosed, among other things.
