Wyze Data Breach: What happened And How It Affects You

Wyze data breach exposed the database on the Internet. Worse, it was caused by an employee’s mistake.

What happened? And how can you protect your data?

Introduction

Wyze is a camera company in 2017. It is a Washington-based company. 

Moreover, it holds ties to Amazon. And they also work almost exclusively with them.

In the past years, they offer a low-price camera. It only costs approximately $25 per camera.

However, the company’s database experienced a breach. It exposed 2.4 million users. And leaked at least 40 million records.

Also, the breach lasted for more than three weeks. It started from December 4 to December 26. And it was only closed after seeing a post from a security consulting firm.

Data exposed from the Wyze data breach

Reports from the consulting firm state that the breach exposed the following:

  • user names
  • email addresses
  • list of cameras installed in the home
  • nicknames of the camera
  • device model and firmware
  • WiFi SSID of the user
  • last login and logout time from the app
  • Alexa tokens of the 24,000 Alexa devices

Moreover, they said that it did not expose passwords, financial data, or video files.

Their action

Upon hearing the report, they hired the best developers that examined the potential leak. Also, they added another level of protection to their database.

Moreover, they refreshed the token of all users. It means that users were logged out and forced to log in again.

Additionally, they made an independent cyber investigation. Of how the leak happened.

They also validated their security and privacy environments. And they led Penetration tests. And Wyze asked for help from independent security firms.

Also, they reviewed their internal security policies and processes. And they continued to improve their tools and training.

Besides, they continued to audit their servers and databases. They also emailed the customers and released a forum.

Plus, they grew their two-factor authentication SMS line. It can now send multiple lines. It then helps receive many requests.

How Wyze data breach happened

They originally protected the database. But, there was a mistake by an employee. When using the database, it removed the security protocols.

Additionally, they said that some of the reports are false. Like sending the data to the Alibaba cloud. Also, they told the users in their report. That they did not have the same breach six months ago.

How to secure your account now

If you are a user of Wyze, you must be wondering. How can you protect your data?

Here are some tips.

Change password

First, sign back to the Wyze app. Then, you should change your password. You can do this by following the steps:

My account tab > Email address > Security section > Reset password

Also, if you reused your Wyze password to your other accounts, like Facebook or bank. Change that password, too. 

It is an unsaid policy to never reuse a password. You can use a password manager instead.

Set up two-factor authentication

2FA is another strong protection for your account. Whenever you log in, it will send you a code before you can gain access.

You can do this by going to My account > Email address > Two-factor authentication > On

[Total: 0   Average: 0/5]

Leave a Comment

Your email address will not be published. Required fields are marked *