This is happening much to often. Unless and until companies and their officers are held accountable, the unfortunate trend of exposing people’s personal data will continue.
Update » Wyze executives blame employee – Ars Technica Are you surprised?
Internet-connected device maker Wyze Labs Inc. has suffered a data breach, though the company claims there’s no evidence the data was accessed by any nefarious third parties.
The data breach, first detailed by 12 Security Dec. 26, involved an unsecured Elasticsearch database with 2.4 million customer records. The database included the user names and emails of those who were using Wyze cameras along with various details such as the model of the camera, connection times, account and camera login tokens, and WiFi network names.
Emphasizing how the data in the unsecured database could be used to identify users, security information firm IVPM took the data and matched it to its own staff who had reviewed Wyze products in the past.