Eufy security camera’s technical flaw let users log into others’ accounts automatically

0
218

Image courtesy: Appleinsider

Early Monday, an apparent software flaw exposed some Eufy security camera customers’ private information and video streams to other users.

Customers first became aware of the security breach when they began reporting the unusual occurrence on Reddit. Customers complained that the Eufy app gave them access to other users’ account information, including both live and recency data. Customers complained that the Eufy app gave them access to other users’ account information, including live and recorded video streams, as well as the ability to control other users’ physical cameras with actions such as pan and zoom.

Eufy spokesman Bryan Saxton described the breach as a “bug,” saying it occurred shortly before 2 a.m. PT (5 a.m. ET) during a server upgrade and allowed a “limited number” of users to access video feeds from strangers’ cameras.

According to Saxton, Eufy’s engineering team had discovered this problem around 2:30 a.m. and got it all fixed by 3:30 a.m. PT. whilst their customers stormed their views of this carelessness ln other social media sites.

While the first reports came from Eufy customers in Australia and New Zealand, before long, users in the United States were reporting similar issues. Saxton confirmed that the problem was limited to the United States, New Zealand, Australia, Cuba, Mexico, Brazil, and Argentina, and that it did not affect other countries. Other devices like Eufy baby monitors, pet care products and alarm systems weren’t hampered.

According to anecdotal evidence from Eufy customers on Reddit and elsewhere, cameras set up with Apple’s HomeKit were also unaffected. A staff writer confirmed that his Eufy account made him appear to be logged in as someone else, with access to the other person’s user details, recordings, and live feeds. The staffer reported that logging out then back in seemed to rest.

“We realise that as a security company we didn’t do good enough”, Paxton said and further emphasized on the fact that the company is working on new security protocols and measures for avoiding mishap in future.