Chinese smart home software vendor is reported to have left a billion customers logs open to potential hackers exposing critical information. Security analysts from VPNMentor which first discovered this flaw say that logs such as email addresses, passwords, account reset codes, Geolocation, IP addresses, usernames, Family Name, Family ID, and other sensitive info of ‘Orvibo’ customers was exposed due to a server misconfiguration since June 16 this year.
Researchers of online services provider say that they have informed the related staff of Orvibo in the third week of last month. But the makers of smart locks, security cameras, and smart bulbs did not respond to the alert on a positive note.
So, all the customers of Orvibo hailing from Thailand, Japan, China, US, UK, Mexico, France, Australia, and Brazil are hereby requested to change their home automation solutions passwords as soon as possible.
The recent data breach has also notified us a fact that smart home devices of today’s generation collect enormous data about their users giving us a hint that minute exploits of the database can lead to data mine for hackers- turning the phrase ‘Information means Wealth’ absolutely true!
According to the stats available on the internet related to the company Orvibo, over a million users have purchased and installed the smart home products of Shenzhen based company.
Why the database was left without password protection and why the data was not encrypted remains a big question in this instance?