Alexa Bug Left Personal Data Vulnerable To Hackers

By   ISBuzz Team
Writer , Information Security Buzz | Aug 14, 2020 07:04 am PST

Amazon’s Alexa platform had bugs that a hacker could have exploited to grab a target’s entire voice history, according to Wired. This left the entirety of users’ recorded audio interactions with Alexa vulnerable, as well as additional personal information. Since, Amazon has patched the flaws, which could have yielded profile information, including home address and the “skills,” or apps, the user had added for Alexa. An attacker could have even deleted an existing skill and installed a malicious one to grab more data after the initial attack.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Jake Moore
Jake Moore , Global Cyber Security Advisor
InfoSec Expert
August 14, 2020 3:07 pm

Smart speakers are like putting listening devices in your home. As we talk much more than we type, it can be easy to forget about the associated risks. Smart speakers have the capacity to pick up a lot of personal information, so they remain key targets for bad actors.

Owners are advised to use a smart speaker with caution and never disclose sensitive information out loud when one of these devices is in ear shot. The manufacturers have a duty to keep them secure and hence release patches as soon as any flaws are discovered. However, attackers are constantly looking for vulnerabilities to exploit and therefore, users are vulnerable to attack between a flaw being located and when they are patched. Although it may seem counter intuitive to the essence of a smart speaker, it is advised to lock down your voice assistant interactions and only turn it on when it is required, reducing the chance of any private information leakage.

Last edited 3 years ago by Jake Moore

Recent Posts

Would love your thoughts, please comment.x