Security glitch in Eufy's software allowed strangers to see home camera feed
Live and recorded feed exposed to other users
The biggest selling point of a security camera is that it helps you monitor your kids or home while you’re away. However, the same feature can become a nightmare if the camera starts broadcasting your personal video feed to strangers.
This is precisely what happened when a “bug in the software” allowed users of the Eufy security camera to access the live camera feeds and recordings for other Eufy customers without their permission or knowledge. That’s not all, the privacy breach even gave users the control of pan-and-tilt cameras where fitted.
First reported by 9to5mac, this issue was highlighted by hundreds of users on Reddit who were able to access feeds from users’ cameras across the globe. The thread on Reddit has many users talking about how they were able to access the feed apart from the contact details from the account information.
One such Eufy user noted, “Basically I could see every camera, their front door and backdoor bells, master bedroom, living room, garage, kitchen, their motion recordings, everything. I was wondering what was going on as it still had my email and name assigned in and noticed that some unknown email, I’m guessing of the Hawaii owner, was in my shared guest account.”
While some users reported that signing out of their Eufy account and signing back in helped and removed the unwanted feed from their account, however, many were still horrified with the idea of their personal information and video feed being exposed to total strangers without their consent.
A software bug occurred during our latest server upgrade at 4:50 AM EST today. Our engineering team recognized this issue at around 5:30 AM EST, and quickly got it fixed by 6:30AM EST. We recommend that all users:May 17, 2021
The company, on the other hand, has revealed that the problem caused by a software glitch only lasted an hour or so and did not affect any products made to monitor babies. It released a statement saying, “Due to a software bug during our latest server upgrade at 4:50 AM EST today, a limited number (0.001%) of our users were able to access video feeds from other users’ cameras. Our engineering team recognized this issue at around 5:30 AM EST, and quickly got it fixed by 6:30 AM EST.”
It further added, “The issue affected users at a small rate in the United States, New Zealand, Australia, Cuba, Mexico, Brazil, and Argentina. Users in Europe remain unaffected. Our customer service team will continue contacting those who were affected. Eufy Baby Monitors, eufy Smart Locks, eufy Alarm System devices and eufy PetCare products remain unaffected. We realize that as a security company we didn’t do well enough. We are sorry we fell short here and are working on new security protocols and measures to make sure that this never happens again.”
Get the best Black Friday deals direct to your inbox, plus news, reviews, and more.
Sign up to be the first to know about unmissable Black Friday deals on top tech, plus get all your favorite TechRadar content.
To resolve the issue, Eufy has also advised users to unplug and reconnect their devices and also to log out and log back into the Eufy security app.
While it is not the first incident when a security breach has resulted in such a expose, however, it is summed up perfectly by a Reddit user who said, “For a security product to become completely unsecure, it’s pretty worrying.”
Want to know about the latest happenings in tech? Follow TechRadar India on Twitter, Facebook and Instagram!
Jitendra has been working in the Internet Industry for the last 7 years now and has written about a wide range of topics including gadgets, smartphones, reviews, games, software, apps, deep tech, AI, and consumer electronics.