How a Wyze Camera Breach Let 13,000 People Spy on Strangers

Although the overwhelming majority of Wyze users weren't impacted, the company still has some tough questions to answer.

Wireless camera manufacturer Wyze has been forced to apologize for a major privacy breach after as many as 13,000 customers are thought to have been able to see into each other’s homes due to a technical fault.

The company has blamed the breach on Amazon Web Services (AWS), stating that the problems started to occur after an outage took down Wyze cameras for several hours.

AWS has acknowledged its part in the problem, which you might be tempted to gloss over – except it’s the second time Wyze has seen its supposedly private camera footage leak in just five months.

Wyze Breach: What Happened?

On February 16, Amazon Web Services (AWS) experienced an outage that took some Wyze customers’ cameras offline. During this time, Wyze customers were unable to view events captured from their cameras or a live view.

When the cameras were turned back on, rather than seeing footage from their own homes, thousands of Wyze users were instead presented with video of events captured on other users’ home surveillance systems

After being alerted to the issue, Wyze quickly disabled the affected cameras. The company said says that overall, more than 1,500 people enlarged the thumbnail showing a stranger’s property out of a total of 13,000 impacted – a fair few more than the original estimate of 14.

However, 99.75% of its users were unaffected by the disruption, though it’s probably safe to say 100% will be thinking twice about their choice of home security camera provider.

That’s not just because those who were impacted were left feeling “violated”, but because Wyze has an increasingly long history of privacy mishaps, including an incident last September where a “web caching issue” left the feeds of 10 users viewable to thousands of strangers.

 

About Tech.co Video Thumbnail Showing Lead Writer Conor Cawley Smiling Next to Tech.co LogoThis just in! View
the top business tech deals for 2024 👨‍💻
See the list button

Why Were Customers Able to See Each Other?

Wyze says that the problems started to happen after the AWS outage. The company believes the huge number of cameras all coming back online at once caused an overload of the system, which culminated in the breach of privacy.

“The incident was caused by a third-party caching client library that was recently integrated into our system” Wyze explained in an email sent round to customers.

“This client library received unprecedented load conditions caused by devices coming back online all at once. As a result of increased demand, it mixed up device ID and user ID mapping and connected some data to incorrect accounts.”

Taking Steps to Protect Your Digital Privacy

Situations like this reflect the sad reality that often, it’s difficult to truly take control of your own privacy online. We trust lots of companies to keep our data safe because they offer a service we want, and we pay a high price for that convenience.

Social media and other platforms often succumb to cyberattacks, while system vulnerabilities and glitches continue to pop up at every turn – just ask the ChatGPT account holders who suddenly had their chat titles exposed to other users.

There are still some steps you can take to keep yourself safe, such as using a reputable VPN and password manager. The former will ensure your traffic is encrypted and your IP address hidden at all times, while the latter will ensure you can create unique passwords for all your accounts and minimize the damage a cyber attack can cause you.

Of course, whatever tech you’re buying – from software to home surveillance systems – it’s crucial to do your research. Some companies have patchier security histories than others, and sometimes a poor track record should serve as more than just a red flag and be an active deal breaker.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Written by:
Aaron Drapkin is Tech.co's Content Manager. He has been researching and writing about technology, politics, and society in print and online publications since graduating with a Philosophy degree from the University of Bristol six years ago. Aaron's focus areas include VPNs, cybersecurity, AI and project management software. He has been quoted in the Daily Mirror, Daily Express, The Daily Mail, Computer Weekly, Cybernews, Lifewire, HR News and the Silicon Republic speaking on various privacy and cybersecurity issues, and has articles published in Wired, Vice, Metro, ProPrivacy, The Week, and Politics.co.uk covering a wide range of topics.
Explore More See all news
Back to top
close Thinking about your online privacy? NordVPN is Tech.co's top-rated VPN service See Deals