With the vast amount of companies dealing with consumer data regularly, data leaks that compromise these users’ private information happen alarmingly regularly. Device maker Wyze, famous for developing home security devices with IoT technology in them, has announced a massive security leak of its users’ data. The company states that the data of 2.4 million users appeared openly available on the internet for about a week.
Security Firms On the Ball
Wyze was able to confirm the breach because the user data was brought to their attention by a pair of independent security consulting companies. Twelve Security clued Wyze into the data leak, and IPVM offered an independent verification of the issue. Wyze only acknowledged the problem officially on the 28th of December, stating that it was most likely due to human error and not because of a malicious hacker.
Could Have Been Worse
While Wyze accepted their culpability in the leak, they stated that the problem wasn’t as bad as it could have been. The company noted that the data was initially stored on a protected database. A breach by an employee left the data available online for anyone aware of the leak. The data that the company leaked didn’t contain sensitive information like passwords or financial details for its clients.
Holding the Company Responsible
Data breaches like this are likely to happen more often as time goes by. The company admitted the problem occurred and dealt with it rapidly, but users should also take the company to task for a simple mistake like this. In this case, no sensitive information was involved in the leak, but that is no guarantee that the next time data leaks from Wyze, it will be just as harmless. Wyze is carving its own place in the IoT home security sector as a cheaper alternative to Nest, and the company needs to do better when it comes to the security of the user data it collects and stores.