1 Like
Thank you for being open, honest, and transparent about the entire situation. I still have faith in Wyze and I will continue to use and support your products. 
1 Like
PLEASE add a different two-factor authentication option (ie Google Authenticator)! Your current method just doesn’t get the job done and has too many holes in it to feel safe using. After the leak, I hope expanding and improving your security options becomes a top priority.
4 Likes
Does anyone else see the irony of WYZE asking us to be watchful for any phishing attempts, yet they implemented one method of phishing, namely the displayed URL does not match the hyperlink when hovering over https://forums.wyze.com/t/updated-12-30-19-data-leak-12-26-2019 in the e-mail they sent?
1 Like
Wow that was a blast from my past! Is this the same GRC of Spinrite fame?
SQRL looks interesting thanks for sharing. Personally I prefer not to use anyone’s single sign on tech. But that’s just my preference.
They use mailchimp (or one of their services), which replaces URL’s with a tracking URL from the mandrillapp domain. But yea, i understands what you are saying. They probably should have turned off click tracking for that email, haha
2 Likes
I’m sorry that this happened to the company but I’m thankful that you’re on top of it and have been updating customers. It’s very scary for customers, hearing the word “breach”, in this case imho it doesn’t seem to be too dire, apart from profile photos (which people share on FB and Insta anyway). I guess it’s time to learn that lesson on enhancing security since there’s always someone out there who wants this type of info.
Thanks again. I for one will keep supporting Wyze. Great products and services at great prices.
1 Like
You have it wrong. It didn’t ‘happen to’ them, they did it to themselves.
2 Likes
how SQRL works is that the server for single sign on hosts the account services
your device PC/MAC/Android/iOS will provide the single sign on info. so its single sign on but in reverse. you own the data.
so the password and account details are not online but on your device
making your account even more secure so that if wize or the service your connecting to gets hacked there is only the basic name and email and link id that will only work with your SQRL app
meaning they have nothing
Yes I have been reading their available info. As I say very interesting and will be good to watch. I just try and avoid having any service as part of my sign in where I can. I trust my security as little as possible to anyone else.
2 Likes
For Sale WYZE Devices
So from Dec. 4th until the 26th everyone’s data was accessible. Bad bad bad. I could understand a fitness tracker company being breached. But my home security devices? I’m out!! I don’t care how sorry you are that is a complete breach in customer trust.
Just so everyone knows all your info is accessible on the dark web if you know how to find breached databases.
Also if anyone reading this has given access to family or friends. Their data is also breached.
1 Like
From the Wyze email that went out this morning:
This will include … making more of our user-requested security features our top priority in the coming months.
The top user requested security features are app-based 2FA and the ability to change email account email address. I expect that these are the features that will be receiving top priority.
5 Likes
I just experienced something very interesting about this ‘data leak’. As suggested I logged into my Wyze account to change my password and all my personal data had ‘leaked’ out - nothing was there! It was a real ‘data leak’. 
No name
No billing address
No shipping address
No order history
No products
No payment data
Nothing, zero, zilch, nada.
The only thing there was my logon ID (email address) and password. Given that all my Wyze products were purchased directly from Wyze I know the information was there at one time - it had to be or I wouldn’t have the products.
Ironically I could not change my password without entering all the PII which I’m not going to do since having no information out there is orders of magnitude better than having real information to be leaked again.
Tagging @UserCustomerGwen in the hopes she might look into this and provide some insight.
2 Likes
Several months ago Wyze updated their online store and order history was lost, it could be related to that if you haven’t logged in for a while. Still not a bad idea to see what Gwendolyn or Support has to say.
1 Like
This has been true for years. Every credit card company has had much larger breaches
I have no name because I never filled it in.
I have no billing address or shipping address because I never filled it in , because I use PayPal or Amazon pay.
All of my past orders have been gone only the most recent show up
All of my info is current and update. Nothing missing. So not sure why you have this issue.
So after endless patience and trying to relink alexa to wyze.
If you do this from the alexa app I kept running into:
We were unable to link Wyze at this time.
Please try again later.
After authenticating into the wyze page from within the alexa app.
However, doing this from within the wyze app seems to have re-enabled the skill.
Wyze app → Account → Works With → Alexa → link
No devices are currently being picked up, but will give it some time to settle…
fun stuff guys… fun stuff…
I wonder if a lot of people are trying to do it at once. Because I relinked Alexa this morning very very early and it’s working just fine.
That might be the case. Last time I logged in was when the Wyze Plugs were available for ‘early orders’.