Wyze has built a following by offering reasonably priced smart security cameras and other gadgets for the home, and the company generally enjoys a good reputation among its customers.
But another security breach, this one in recent days, is sure to test some customers’ trust in the company. The latest incident involved around 13,000 Wyze customers receiving images and video from Wyze cameras that didn’t belong to them.
The issue appears to be linked to an outage that impacted Wyze cameras at the tail end of last week. The Seattle-based company blamed the disruption to its service on an issue with cloud company Amazon Web Services (AWS), though it didn’t offer specific details. It was following the outage, as Wyze worked to get its service back up and running, that customers started to see imagery from other people’s cameras.
Realizing the mishap, Wyze sent its customers an email on Monday explaining that around 13,000 accounts had received thumbnail images from Wyze cameras belonging to other customers.
“We can now confirm that as cameras were coming back online, about 13,000 Wyze users received thumbnails from cameras that were not their own and 1,504 users tapped on them,” Wyze said in its email, which was shared by The Verge. “Most taps enlarged the thumbnail, but in some cases an Event Video was able to be viewed.”
Wyze explained in its email that the incident was caused by “a third-party caching client library that was recently integrated into our system. This client library received unprecedented load conditions caused by devices coming back online all at once. As a result of increased demand, it mixed up device ID and user ID mapping and connected some data to incorrect accounts.”
The company said that more than 99.75% of Wyze accounts were not affected by the security event.
It added in its email that to ensure the breach isn’t repeated, i has added a new layer of verification before users are connected to Event Videos, among other measures.
Wyze has been hit by such troubling issues in the past, including an incident similar to this most recent one. But in its email to customers, it insisted that security is a “top priority” for the company, adding: “We are so sorry for this incident and are dedicated to rebuilding your trust.”
Editors’ Recommendations