Wyze surveillance owners recently experienced a concerning issue where they were inadvertently granted access to other users’ cameras and received notifications about events in strangers’ homes. David Crosby, co-founder of Wyze, acknowledged the problem in an interview with The Verge, explaining that a glitch caused some users to see thumbnail videos from other cameras in the “Events” section of the app.
This issue arose from a malfunction caused by an error on the Amazon Web Services (AWS) side, according to Wyze representatives. In a forum post on Wyze Forum, Crosby mentioned that server overloads damaged user data, resulting in a security vulnerability. Users were able to view thumbnails from other accounts but could not access full videos or live feeds. Following the identification of 14 incidents, the “Events” section was temporarily disabled.
Wyze has announced plans to notify all affected users and has taken steps to enhance security, such as forcibly logging out recent users to reset access tokens. Crosby reassured users that the company will investigate the root causes of the issue and implement further safeguards to prevent similar incidents in the future.
This is not the first instance of privacy breaches involving Wyze cameras. Previously, customers encountered a glitch where their devices displayed video streams from other cameras. Technical support attributed this to a web caching problem. Additionally, in 2019, Wyze confirmed a data leak that exposed information of approximately 2.4 million customers, including email addresses, camera names, and WiFi network identifiers.