Very good post very good post
The only problem I have at this point is the lack of communication with the users at large. I think the right thing to do is email all registered users the information posted at the top of this post on 12/27.
And provide updates or means to obtain an update (if people don’t want successive emails).
When you are already in the connection you are already authenticated. You will not be affected for this case. Once your connection is off or you make some other operations (e.g. move to the device list page or event page) you will be logged out until you manually log in again.
[Update] I saw Mark has responded this morning. This is duplicate info
suspected data breach which may contain not a lot of useful info
there has been plenty of communications. I dont know why people are making a massive thing on this…
A couple of posts have been removed that do not follow the Community Guidelines. Please keep the guidelines in mind when posting, particularly this section:
Sometimes we will disagree on topics. You may even think that the other person is outright wrong! That’s just part of being human talking to other humans. But when you respond, remember to criticize ideas, not people . Please avoid:
- Ad hominem attacks (personal attacks instead of discussing content of a post)
- Responding to a post’s tone instead of its actual content
- Knee-jerk contradiction
Instead, provide reasoned counter-arguments that focus on the ideas instead of the person. If someone has something negative to say about Wyze or our products, there’s likely a reason for that. Just tag in a mod or admin to make sure that the feedback goes where it needs to and we have an opportunity to consider and respond to what they’re saying.
If it’s getting to that point it might be Time to shut this down and end the posting to this particular thread. And then as more information comes forward we will get it via email as has been stated earlier
I will buy $10 each, you pay shipping.
Cams are small, i’d even pay shipping
There was one email to the general user base (that I’m aware of) that contained zero information about the breach.
Posting on a forum that has a very small percentage of the user base isn’t plenty of communication. Nor is posting on Facebook.
I love Wyze as much as the rest of you but as a company that prides itself on transparency I feel they could have shared the info from this post with the general user base.
I don’t understand why that’s so much to ask.
They are $40 a piece here in Canada…just pay the $20 and buy em new.
Totally agree…they should have sent an email to EVERY registered owner to let them know what was up vs waiting a month to announce it.
Life Labs here in Canada recently came out with a similar story of a medical records breach that happened months ago but they just released the info this month.
People are P*SSED and now suing them.
When you are a company/corporation and make users agree to your user agreement about your info and assure the customers their info is safe and secure and then that is breached only to wait month(s) to tell said customers, that is just rotten practice, plain and simple.
It’s been 2 days since they even knew about this event.
I have no connection to Wyze other than being a customer and fan, so I can’t say for sure, but I suspect am email notification will likely still go out and that is forum users just get advanced notification.
At this point it’s only been about 2 days and while data was compromised, no passwords or video data was included, so the urgency is not as high as some other high profile breaches.
Yes, Wyze was partially at fault sure to employee security mistake, but let’s not forget that the root cause was a criminal actor. Wyze has been on fire control since and likely will have some things that they could have done better, but they are working hard and being fairly transparent in the process.
I’m not suggesting they are free of responsibility, but I would urge everyone who is attacking all their shortcomings in how they handle this to exercise some clemency and patience.
Yes they received the report 2 days ago but the “significant” breach happened starting on the 4th.
Who was in charge of the reporting and why did it take them 3 weeks to report it?
Why didn’t the security team see said breach at the time of initial occurrence and if it wasn’t seen what does that say about their supposed customer database protocols?
They are in their infancy for sure but there are established businesses who specialize in this sort of security they could have hired to assist.
These sort of things can make and break companies so it needs to be taken seriously, especially a service who specializes in security based cameras etc and stores personal private video files of customers on their servers.
If they hired a company, they would only have been able to 2 days ago, and you think a company would be out there already and have figured everything out in 2 hours and sent the email 2 days ago?
Dude, they ANNOUNCED it 2 days ago but the breach happened 3 weeks ago.
They didn’t know about the data leak 3 weeks ago. they knew about it 2 days ago.
That is my point lol.
The breach happened 3 weeks ago and they only caught it now so for 3 weeks the data was compromised.