Nest Blame Weak Passwords For Hacked Cams
Google-owned security camera company, Nest, has denied reports its products are susceptible to security breaches, asserting consumers’ weak passwords are to blame.
The latest report about a hacked Nest camera involved a San Francisco woman’s device declaring the US was under nuclear attack from North Korea.
The hacker was able to access the user’s camera by obtaining the account’s password from a third party — i.e. she used the same login information on another site that was breached.
Rishi Chandra, vice president of Nest reached out to customers in an email, assuring them their “Nest security has not been breached or compromised.”
He states Nest, with Google, scours breaches across the internet, and if it finds any potential vulnerabilities alerts customers, and disables access temporarily.
Chandra says Nest cannot prevent breaches on third-party sites, but advises customers about best practices for device and password security.
Best practices include enabling two-factor authentication, creating strong and unique passwords, staying alert for phishing emails, and ensuring home network router software has the latest security updates.
Some recommendations go as far as advising consumers to set up and use guest networks if their WiFi allows.
“For context, even though Nest was not breached, customers may be vulnerable because their email addresses and passwords are freely available on the internet,” said Chandra.
“[If] you use your Nest password for a shopping site account and the site is breached, your login information could end up in the wrong hands. From there, people with access to your credentials can cause the kind of issues we’ve seen recently.”
One reporter has admitted he hasn’t changed his Nest password since 2016 and it currently doesn’t meet Nest’s password requirements of “at least 8 characters, including upper and lowercase letters, numbers, and symbols.”
Perhaps Nest could make two-factor authentication mandatory or ensure all customers reset their passwords.
Personal security is becoming a bigger issue as Google, Amazon and Samsung are investing heavily in smart home technology. Hacks like the Nest cam incidents could wary consumers from bringing smart tech into their home.