Suzanne Larosa reports:
Wyze, a company that sells smart devices such as security cameras, smart plugs, smart light bulbs and smart door locks, today confirmed a server leak that exposed the details of approximately 2.4 million customers.
The leak occurred after an internal database was accidentally exposed online, Wyze co-founder Dongsheng Song said in a forum post published at Christmas.
Read more on MashViral. There’s a lot of disagreement over this one, and Wyze has also criticized the firms who disclosed the breach, allegedly without giving the firm more than a few minutes to close it before they went public.
Wyze’s statement and update can be found here. Here’s the part about the disclosure:
Did Wyze know about this before the article was published and was there a reasonable effort made to contact Wyze so the Wyze team could fix any issues before anything was published?
We were first contacted through a support ticket at 9:21 a.m. on December 26 by a reporter at IPVM.com 62. The article was published almost immediately after (Published to Twitter at 9:35 a.m.). It was published in conjunction with a blog post from a private security company also published on December 26th. We were made aware of this article at ~10:00 a.m. from a community member who had read the article. As soon as we were aware we took the actions mentioned in our forum post to secure user data.