As reported by Digital Trends, IoT company Eufy showed users the wrong video footage on Monday. Users from around the world reported they could see other peoples’ feeds and even control their cameras. All of their contact details could also be accessed.
Anker, the parent company of Eufy, confirmed the issue took place in numerous countries and was due to a software bug during a server update. The issue was reportedly corrected within an hour of being discovered at 5:30 a.m. ET today, but Eufy has been light on details regarding exactly how the breach happened.
<p>Any device connected to the internet poses a level of risk which must be reflected upon and addressed if there is any concern. Many IoT devices are sold with limited security controls by design and often work out of the box without adding protection by default. To minimise the risk of a data breach, it is important to make sure any IoT device is properly set up with a complex password and two factor authentication. Furthermore, when placing security cameras in the house people must refrain from placing them in locations which could potentially monitor sensitive footage. Positioning of such cameras is key to making these devices function correctly as well as reducing any threat of criminal activity if they were to become compromised and exposed.</p>