This report was 1st published on our sister Site, The Internet Of All Things.
Smart devices sales company Wyze has revealed that a server leak had exposed the details of about 2.4 million of its customers.
The leak, said Wyze co-founder Dongsheng Song in a forum post, occurred after an internal database was accidentally exposed online.
Today, we are confirming that some Wyze user data was not properly secured and left exposed from December 4th to December 26th. We copied some data from our main production servers and put it into a more flexible database that is easier to query. This new data table was protected when it was originally created. However, a mistake was made by a Wyze employee on December 4th when they were using this database and the previous security protocols for this data were removed. We are still looking into this event to figure out why and how this happened.
– Wyze blog
In an update, Wyze said on its blog that it had discovered “an additional database” that was left unprotected. This was not a production database, said the company. No passwords or personal financial data were in this database.
Wyze said it was working on an email notification to all affected customers to be sent out soon. Users will kept informed of all developments on this front, it added.
