If you have one of these security cameras, turn it off now

May 18, 2021

By Kim Komando

Security cameras in your home are a great way to keep track of what is going on around you. Some allow you to check-in with mobile devices through various functions — providing a live feed of any activity. Tap or click here for five uses for security cameras you never thought of before now.

But not all security systems are created equal. If you can’t trust the company that built your system, it could be a bigger security threat than not having one at all.

Unfortunately, users of a popular security cam are being warned about a potential security breach. If you have one of these cams, your privacy may have been violated.

Here’s the backstory

Anker and its eufyCam products are fairly popular across the U.S., with thousands of sales each month. To access the system, you would log into your profile and set up the cameras how you wish. The same process is followed if you want to view your feed remotely.

But there is a significant problem with that. Users started to realize that they could access the live feeds of other people. Even worse is the fact that users couldn’t see their own cameras.

On eufy’s security blog, a user wrote: “I have just had an alert of backyard motion and to look. My cameras aren’t showing, someone else’s cameras are.” A different user replied, detailing the same experience, commenting that it “just happened to me too, could control someone else’s cameras in another country.”

This isn’t an isolated incident either. On Reddit, a user from New Zealand explained how they checked up on their cameras and noticed that none of them belonged to their system. The poster also revealed they could access the stranger’s contact details.

“They are from someone in another country (nice Mustang). I can also see their contact details (as added accounts). Is this a normal thing to be able to access anyone else’s cameras?” asked the poster.

As you would expect, many in the replies stated that something must be wrong as it is not safe to access other cameras. Seeing the lighter side of the seriousness, a respondent quipped with, “This feature would certainly add value for me. My camera feeds are terribly boring.”

What you can do about it

In an extremely short statement, Eufy acknowledged a bug after the latest server update. The company did not address any claims that different cameras could be accessed by strangers.

“A software bug occurred during our latest server upgrade at 4:50 AM EST today. Our engineering team recognized this issue at around 5:30 AM EST, and quickly got it fixed by 6:30 AM EST,” Eufy wrote on the company’s security blog page.

The company suggests users taking these steps:

Here are more precautions you can take:

Your home security system is one of the most critical purchases you can make. That’s why it’s important to go with a company that you can trust. We recommend our sponsor, SimpliSafe. It’s the only home security system that Kim uses and trusts.

SimpliSafe is whole-home protection for every window, room and door — against intruders, fires, water damage, medical emergencies and more. All monitored 24/7 by professionals ready to dispatch emergency personnel.

Ready to protect your home? Head to SimpliSafe.com/Kim to get a free HD security camera, plus free shipping and a 60-day money-back guarantee.

Anker responds

An Anker spokesperson released the following statement:

“During a software update performed on our server in the United States on May 17th at 4:50 AM EDT, a bug occurred affecting a limited number of users in the United States, Canada, Mexico, Cuba, New Zealand, Australia, and Argentina. Users in Europe and other regions remain unaffected. Our engineering team identified the issue at 5:30 AM EDT and immediately rolled back the server version and deployed an emergency update. The incident was fixed at 6:30 AM EDT. We have confirmed that a total of 712 users were affected in this case.

In order to avoid this happening in the future, we are taking the following steps:

  1. We are upgrading our network architecture and strengthening our two-way authentication mechanism between the servers, devices, and the eufy Security app.
  2. We are upgrading our servers to improve their processing capacity in order to eliminate potential risks.
  3. We are also in the process of obtaining the TUV and BSI Privacy Information Management System (PIMS) certifications which will further improve our product security.

We understand that we need to build trust again with you and our customers. We are incredibly sorry and promise to take all the necessary measures to prevent this from ever happening again. Thank you for trusting us with your security and our team is available 24/7 at support@eufylife.com and Mon-Fri 9AM-5PM (PT) through our online chat on eufylife.com.”

Keep reading

8 Google searches that put your privacy and security at risk

Smarter home security: 5 sensors beyond just doors and windows

https://www.komando.com/news/security/eufy-security-camera-privacy-breach/