Are your Wyze Devices Safe?
In the past few days, reports of a Wyze data breach have emerged. It was first reported in a blog post by Twelve Security where they detailed information that a database with customer data was left exposed on the internet. The information was relayed to Wyze (after being publicly posted first unfortunately) and Wyze immediately responded by locking down the database and resetting all security tokens for their users. The reaction was swift and happened within 6 hours of a support ticket being submitted informing them of the blog post.
After some investigation by Wyze, they have confirmed the breach and stated that this was a subset copy of their main production databases. It did not include any user passwords or financial data. It did however include email addresses and have warned their user base to be weary of future spam and phishing attacks.
You can read about the entire incident here:
https://forums.wyzecam.com/t/updated-12-27-19-data-leak-12-26-2019/79046
I’m happy to see Wyze being open and transparent about the incident so users can be more cautious and change passwords if they want to be vigilant. I was also happy to see Wyze move quickly to reset all security tokens when they first heard about the potential for the breach.
Stay Safe out there! (and use a password manager!)
–Carlo