After a breach let 13,000 clients look into other people’s homes, Wyze, a security camera firm claiming 10 million users, found itself in trouble. Wyze sent an email to all of its clients, placing the responsibility on an external web server and apologizing for the incident.
Dave Crosby, co-founder of Wyze, recently announced that over a dozen individuals had their Wyze cameras temporarily exposed. Soon after, the figure had swelled to thirteen thousand.
According to a report, the discovery was made public in an email. Wyze admitted to the breach, apologized, and attempted to place some of the responsibility on its web hosting provider, Amazon Web Services (AWS).
As Wyze was trying to get its cameras back up, that’s when the breach happened. Strange pictures and videos were appearing on customers’ Events tabs. When Wyze started its own investigation, it blocked users from accessing the tab.
As it has in the past, Wyze is attributing the event to the recent integration of a third-party caching library into its system. Last year, a similar situation happened.
Wyze has assured the public that it has informed all affected users of the security issue and that more than ninety-nine percent of its clients were unaffected, according to a report.
Crosby’s post on Subreddit said the event impacted around 0.25% of Wyze members. This includes both those who got thumbnails of videos and those whose thumbnails were forwarded to another account.
To ensure this doesn’t happen again, the cofounder informed customers that Wyze’s technical team has introduced an extra security measure to verify users and event footage.
According to Crosby, the client library has been deleted, and caching will not be used until a replacement client library can be located and tested under severe conditions, similar to what happened recently,adding that the inquiry is continuing.
