Wyze’s database exposes 2,400,000 users’ personal information
https://www.infosecurity-magazine.com/news/us-biz-closes-doors-after/
Exploit: Unprotected database
Wyze: Low-budget home security company
Risk to Small Business: 2.222 = Severe: A cybersecurity company identified an exposed database containing the personal details of millions of Wyze users. The breach, which has not been confirmed by Wyze, is an unforced error that could have serious and financial and reputational implications. Smart home technology is often targeted by hackers due to its sensitive nature, and many consumers are already unwilling to work with companies that cannot protect their personal data, especially when it impacts their peace of mind and security.
Individual Risk: 2.428 = Severe: Users’ personal data, including email addresses, list of cameras, camera names, Wi-Fi SSID, API tokens, and Alexa tokens, were all publicly available from the exposed database. Those impacted by the breach should reset their account passwords, enable two-factor authentication, and closely monitor their accounts for unusual activity.
Customers Impacted: 2,400,000
How it Could Affect Your Customers’ Business: Today’s consumers are beginning to make buying decisions based on a brand’s data security reputation. Especially in a sensitive sector like smart home technology, a strong cybersecurity posture is a prerequisite for long-term success. Unforced errors, such as leaving a database exposed, become especially egregious. Of course, mistakes do happen, and businesses need a response plan to contain the event and to identify the scope of the problem as quickly as possible.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
