Wyze Says It Was Alerted to Another Unprotected Database, After Friday's News of Breach
Wyze discovered an additional database that was left unprotected, the smart camera maker told customers Sunday. Passwords and personal financial data weren’t part of the database, said Chief Product Officer Dongsheng Song on the website. The company learned of the leak from a community member who contacted Wyze after a Friday update alerting users to a data leak report. A company investigation found some Wyze user data wasn’t properly secured and was left exposed Dec. 4-26. That vulnerability didn't involve any of Wyze's production data tables, Song said: "While significant, this database only contained a subset of data. It did not contain user passwords or government-regulated personal or financial information" but did contain "customer emails along with camera nicknames, WiFi SSIDs, Wyze device information, body metrics for a small number of product beta testers, and limited tokens associated with Alexa integrations," he said. Wyze is working on an email notification to all affected customers that it plans to release in the “near future.” The company continues to work on ways to improve its security, he said.