An exposed Elasticsearch database, owned by Internet of Things (IoT) company Wyze, was discovered leaking connected device information and emails of millions of customers. Wyze makes smart home cameras and connected devices like connected bulbs and plugs, which can be integrated with smart home assistants like Amazon Alexa and Google Assistant. The database, which was exposed on Dec. 4 until it was secured on Dec. 26, contained customer emails along with camera nicknames, WiFi SSIDs (Service Set Identifiers; or the names of Wi-Fi networks), Wyze device information, and body metrics “for a small number of product beta testers” who were testing new hardware, according to Wyze.
Source: ThreatPost
