Sydney Feb 20: Wyze, the renowned smart home device manufacturer, experienced a significant service outage last Friday morning, attributed to complications with its partner AWS.
The disruption, which lasted several hours, primarily affected the ability of users to access live camera feeds and event recordings, causing widespread concern among its customer base.
Amid efforts to restore service, Wyze disclosed a concurrent security breach impacting a small fraction of its user base.
The anomaly resulted in approximately 13,000 users inadvertently receiving access to thumbnail images from cameras not associated with their accounts.
Further investigation revealed that 1,504 individuals engaged with these thumbnails, with some encounters leading to the viewing of event videos belonging to others.
Wyze has since reached out to all affected parties to inform them of the breach, emphasizing that the vast majority of its users, including the recipient of this notice, were not compromised.
The root cause of the incident has been traced back to a third-party caching client library, recently integrated into Wyze’s system.
The library failed under the unusual load conditions presented by devices simultaneously reconnecting to the network, resulting in a mix-up of device ID and user ID mappings.
In response, Wyze has implemented additional safeguards, including a new verification layer prior to event video access and a temporary suspension of caching for user-device relationship checks.
These measures aim to fortify the system against similar incidents in the future.
Wyze’s commitment to security is longstanding, highlighted by significant investments in their security infrastructure, including the formation of a dedicated security team, the implementation of rigorous processes, the introduction of new monitoring dashboards, the maintenance of a bug bounty program, and the execution of third-party audits and penetration testing.
The company expressed its regret over the incident, acknowledging the importance of user trust and pledging to undertake further actions to prevent such occurrences.
Wyze’s dedication to improving its security measures reflects its ongoing commitment to protecting its customers and reinforcing the trust placed in its products and services.
Editor’s note: Check out our review of the Wyze security camera here.
Media & PR: editor@dailystraits.com. Copyright 2021–Present DailyStraits.com. All rights reserved.