The company said most of the victims appear to be in North America and in the U.S. there were some similar incidents across Europe, Australia and Switzerland. It appears their attack was limited to North America.
“To date, we have only identified security camera companies that have been affected globally,” Wyze Labs said in a blog post. “Our customers did not have their camera feeds publicly viewable on YouTube nor on Facebook, so we believe this is the first time that anyone from our customers have been identified through a global security incident involving our cameras and security footage.”
The security cameras are connected via Ethernet (usually WiFi), with a wireless router plugged into a power source. With any connected device, users can connect to other networks via an Ethernet wire. There’s no indication what kinds of cameras were affected in an ongoing investigation. The website says it’s now working on a fix for the issue, and that the company is offering a free 30-day trial period. The website asks for any camera owners and others that are worried about their video feed on social media to email [email protected]. While it’s not clear what type of hardware the breaches were at, other reports state that security cameras connected over USB had been hacked and video was posted to the Internet. Security researchers have been tracking the hacking attack that began last night in the U.S., and this is the first known incident of a local cyberattack.
Update at 11:50: Bloomberg reports that the vulnerability has been fixed – and that Wyze Labs has notified users. “We had only been contacted once by a customer and were in contact shortly after the incident was discovered,” Wyze Labs said.
Update at 11:50 another security researcher who works on the Wyze Labs platform, Adam Caudill, told Ars Technica that the incident has been fixed. He says this is the first known incident in which users have their video feeds on the Internet. “This is not an update for today, but it’s just the first confirmed incident,” Caudill told TechCrunch.
Photo: Jason Koebler