Wyze camera breach let 13,000 users see strangers’ video feeds

Security camera brand Wyze has today alerted customers to a security incident that enabled 13,000 users to see the video feeds of strangers.

In an email to customers, the company claimed an AWS (Amazon Web Services) outage took Wyze devices offline for several hours. While working to bring those devices back online, a security incident occurred in which some users reported being able to see the video feeds of other users.

"We can now confirm that as cameras were coming back online, about 13,000 Wyze users received thumbnails from cameras that were not their own and 1,504 users tapped on them," the email explained.

"Most taps enlarged the thumbnail, but in some cases an Event Video was able to be viewed. All affected users have been notified."

Wyze says it has since implemented an extra layer of verification before users are connected to Event Videos in an effort to ensure an incident like this doesn't happen again.

This incident isn't the first security breach Wyze has suffered. A similar incident occurred less than six months ago, as reported by The Verge. Wyze blamed the breach on a "caching issue" which it had since resolved.

In 2022, antivirus company BitDefender revealed it had found security vulnerabilities in the Wyze Cam v1 three years prior. Despite alerting Wyze to the vulnerability at the time, the company did not take action to rectify it. It later discontinued the camera after BitDefender's report came to light.

In 2019, cybersecurity firm Twelve Security discovered a data breach that saw 2.4 million Wyze customers' data leaked and available to anyone online. The data included users' emails, locations, list of their cameras (including device numbers and nicknames), Wi-Fi SSID, and even the health information of some users.

The company concluded its email to users with the following statement:

"We must do more and be better, and we will. We are so sorry for this incident and are dedicated to rebuilding your trust."

Having only launched in the US back in 2017, Wyze has experienced more security incidents than most older home security brands.

Given this, we recommend exercising caution if you decide to continue using Wyze cameras. However, until the company adopts more stringent security measures to ensure that these breaches don't continue, we'd advise opting for a more reputable security camera brand.