Smart camera company Wyze said that a glitch with its network last week allowed some users to see footage from security cameras that belonged to other users.
Wyze said in a post that it experienced an outage on Friday with its AWS cloud service that took down Wyze cameras for several hours.
As the corporate worked to revive camera feeds, a security issue emerged through which certain users were in a position to see thumbnails and video from cameras that weren’t theirs.
“Some users reported seeing the flawed thumbnails and Event Videos of their Events tab,” Wyze said.
“We immediately removed access to the Events tab and commenced an investigation.”
“We will now confirm that as cameras were coming back online, about 13,000 Wyze users received thumbnails from cameras that weren’t their very own and 1,504 users tapped on them. Most taps enlarged the thumbnail, but in some cases an Event Video was in a position to be viewed,” the corporate said.
Wyze blamed the incident on a recently integrated third-party caching client library that “received unprecedented load conditions brought on by devices coming back online abruptly.
In consequence of increased demand, it mixed up device ID and user ID mapping and connected some data to incorrect accounts.”
It added that to forestall an identical issue from occurring again, the corporate added a latest layer of verification before users are connected to Event Videos, and can be bypassing caching for checks on user-device relationships until it identifies client libraries which might be “thoroughly stress tested for extreme events like we experienced on Friday.”
“We all know that this could be very disappointing news,” Wyze wrote.
“It doesn’t reflect our commitment to protect customers or mirror the opposite investments and actions we have now taken lately to make security a top priority at Wyze.”
Wyze said that each one affected users have been notified and that it sent out notices to different groups of users based on whether their video was shown to other users and whether it was tapped on and viewed.
The corporate also said that it notified all its users concerning the incident and that “99.75% of all Wyze accounts weren’t affected by the safety event.”
Wyze didn’t immediately reply to a request for comment.