Stories
Slash Boxes
Comments

SoylentNews is people

Billions of Records Leaked by Smart Home Vendor

posted by Fnord666 on Tuesday July 02 2019, @01:22PM   Printer-friendly
from the no-salt-added dept.

RandomFactor writes:

BleepingComputer reports that Chinese smart home vendor Orvibo has an unsecured database online that exposes over 2 billion logs detailing usernames, email address, passwords and more.

The disclosing research firm's report is available here.

vpnMentor's research team reached out to the vendor on June 16th, but did not receive a response and as of publication the database is apparently still online and the amount of data exposed is still increasing.

Exposed data includes:

  • Email addresses
  • Passwords
  • Account reset codes
  • Precise user geolocation
  • IP addresses
  • Username & UserID
  • Family name & Family ID
  • Device name & Device that accessed account
  • Recorded conversations through Smart Camera
  • Scheduling information

Passwords are hashed but without adding a salt, making them relatively easy to crack.

Possibilities for hackers are myriad, including completely locking users out of their own accounts and taking complete control of smart homes, accessing video feeds, unlocking doors and more.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Billions of Records Leaked by Smart Home Vendor | Log In/Create an Account | Top | 15 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 0) by Anonymous Coward on Tuesday July 02 2019, @02:29PM (4 children)

    by Anonymous Coward on Tuesday July 02 2019, @02:29PM (#862397)

    Nice idea, but if I'm in USA and I sue a Chinese company I don't think there is any chance I'll ever see any kind of settlement. Thus, no lawyer will take this case on speculation?

  • (Score: 0) by Anonymous Coward on Tuesday July 02 2019, @04:25PM (2 children)

    by Anonymous Coward on Tuesday July 02 2019, @04:25PM (#862438)

    Of course you sue the American reseller of the Chinese crap.

    • (Score: 0) by Anonymous Coward on Tuesday July 02 2019, @04:45PM (1 child)

      by Anonymous Coward on Tuesday July 02 2019, @04:45PM (#862448)

      Nah, I'm too clever for that, I buy through eBay (or AliExpress etc), direct from a Chinese dealer.

      • (Score: 0) by Anonymous Coward on Tuesday July 02 2019, @05:08PM

        by Anonymous Coward on Tuesday July 02 2019, @05:08PM (#862456)

        How much did you save buying direct? Don't forget to add in the cost of losing your right to seek redress and your privacy.

  • (Score: 3, Touché) by PartTimeZombie on Tuesday July 02 2019, @10:59PM

    by PartTimeZombie (4827) on Tuesday July 02 2019, @10:59PM (#862566)

    ...but if I'm in USA and I sue a Chinese company...

    If you're in the US and you sue an American company that happens to be rich and determined, what chance do you think you will have to prevail?