Alexa Bug Left Personal Data Vulnerable To Hackers

Amazon’s Alexa platform had bugs that a hacker could have exploited to grab a target’s entire voice history, according to Wired. This left the entirety of users’ recorded audio interactions with Alexa vulnerable, as well as additional personal information. Since, Amazon has patched the flaws, which could have yielded profile information, including home address and the “skills,” or apps, the user had added for Alexa. An attacker could have even deleted an existing skill and installed a malicious one to grab more data after the initial attack.

Experts Comments

August 14, 2020
Jake Moore
Cybersecurity Specialist
ESET
Smart speakers are like putting listening devices in your home. As we talk much more than we type, it can be easy to forget about the associated risks. Smart speakers have the capacity to pick up a lot of personal information, so they remain key targets for bad actors. Owners are advised to use a smart speaker with caution and never disclose sensitive information out loud when one of these devices is in ear shot. The manufacturers have a duty to keep them secure and hence release patches as.....Read More
Smart speakers are like putting listening devices in your home. As we talk much more than we type, it can be easy to forget about the associated risks. Smart speakers have the capacity to pick up a lot of personal information, so they remain key targets for bad actors. Owners are advised to use a smart speaker with caution and never disclose sensitive information out loud when one of these devices is in ear shot. The manufacturers have a duty to keep them secure and hence release patches as soon as any flaws are discovered. However, attackers are constantly looking for vulnerabilities to exploit and therefore, users are vulnerable to attack between a flaw being located and when they are patched. Although it may seem counter intuitive to the essence of a smart speaker, it is advised to lock down your voice assistant interactions and only turn it on when it is required, reducing the chance of any private information leakage.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.