Billion with a B. If you think your smart home is making you safe, you might be kidding yourself. Confirmed: 2 Billion Records Exposed In Massive Smart Home Device Breach.
Orvibo is a Chinese company that makes “smart home” hubs, and outlets, and a bunch of other things. It turns out they have an awful lot of data about their customers, and they made it all public.
The list of data included in the breach is extensive according to the vpnMentor report and includes:
- Email addresses
- Account reset codes
- Precise geolocation
- IP address
- Family name
- Family ID
- Smart device
- Device that accessed account
- Scheduling information
The kinds of thing that this lets bad guys do… Access your security camera. Unlock your smart lock. Lock you out of your account.
OK this is a story about data being made public, but why are they logging all of this data? Even if they don’t make it public, this is a lot of data to entrust a company that doesn’t seem to have your security on its radar.