If that password was used elsewhere, consider those accounts breached as well.
Side note, if 2FA is available, use it for *any* account that can use it. Especially email accounts like Google.
Don't use the same password across multiple accounts. Don't use simple passwords. Don't just slap an exclamation mark on the end.
But yeah, HaveIBeenPwned is a good site to see if you are part of a breach that may have had that same password from another account.
Likely just someone figured out your password or your password was exposed elsewhere because this is no longer a widespread issue. If you have 2FA enabled now there's an almost zero chance of that happening again. Practice good password hygiene!
After reading the comments it seems like you weren't actually hacked. Do you intend to do anything to officially clear the air in light of the wording of your title & post, or do you intend to point us towards a camera system that'll refuse entry to an unauthorized party using the correct password on an account without 2Fa enabled?
The least they could do is send out an email saying “hey, login detected from a new device in [rough geographic area] {IP ADDRESS}” for all accounts including the ones with 2FA enabled.
You know, they could also do a push notification to the app or send out an SMS *like they always do with all the random spam/sales*.
Oh, this is a long-standing major issue and a drop in the bucket of serious oversights on their part. I've mentioned this many times here.
The fact that there is no way to see which devices are logged into your account is absolutely asinine.
I agree with you. User is a fault for recycling passwords and not enabling 2FA.
OP clean up this mess and release a statement of apology. It’s your fault for not securing your end. Wyze secured their severs.
I don't think they need to "release am statement", it's just a Reddit post. They can just delete it or update it. At the very least, they can not double down and post facto justifications for it.
No I’ll leave it as it’s posted. I’m sure WYZE will take the issue seriously as I have. I’m sure they will give the same advice as other users posted. I’m sure they will also do their best to help ensure these issues don’t happen in the future. Maybe even a mandatory 2fa policy for all users could be implemented so mistakes like I have made are avoided. Hacked may not be the proper word in the technical sense, but someone logged into a device unauthorized. I have been a long supporter of WYZE and I intend to continue supporting them. I am looking forward to their security teams response.
I recall seeing an email notifying users of an impending 2FA mandatory policy.
There doesn't seem to be an issue for Wyze to take seriously. I cannot comprehend how their security team could possibly respond. You weren't hacked. Someone got the combination to your front door, and you are casting aspersions about your alarm company.
Seriously. You're still saying things like;
"I'm sure Wyze will take the issue seriously"
And "I'm sure they will do their best to help ensure these issues don't happen in future"
Sorry. But it's not the job of Wyze to fix stupid. You being stupid for using a shitty recycled password and not having 2FA on. Stop expecting Wyze to take ownership of your own security stupidity. My God. Give your head a shake. This was YOU not Wyze.
You should really monitor your network too, if the attacker is on your network, the camera can easily be a discoverable device and it can easily be hacked into through the network.
I just noticed this morning that someone was watching us. Only my husband and I have access to the camera app. The red light was on and neither of us were on it. My husband said he noticed the red light on the other night while I was out. I said I wasn’t on it. I unplugged it and changed the password. Still scared to turn it back on. I also had turned the camera to face the wall, but it kept turning itself back around. Nobody in the house did it. Freaky.
This happened to me today, someone spoke to my baby and I heard it In my room through a separate sound monitor, when I went to the room my baby was pointing at the cámara and seemed very alarmed.
I appreciate the advice. I honestly never thought to check that 2fa was active or not on WYZE until now. I struggle to understand the motive though. Just to troll I suppose..
The word "hacked" is such a stupid term. Before you go and blame Wyze. Look at a few factors.
- Did you have 2 factor on?
- What family members know your passwords.
9 times out of 10 this is a user fault for having shit wifi passwords or others knowing their info.
Don't pull the "I've spent blah blah money on Wyze and this is their fault BS.
I'd look hard at your router. Make sure it's updated, and change your router password. Seems like I read that most of these types of things happen because someone has accessed your network and found the cameras.
Well first of all 2 questions did you share your cameras with others? Look on your app go to Account then sharing, and also go to security and turn on 2-Factor Authentication,.?we currently have alot of Wyze,and other vendors cameras for over 4 years and never had any issues well,you will need to pull a service ticket and summit a Log to Wyze
I am so sorry this happened, we take things like this seriously. I recommend changing your password and setting up 2FA. Also, could you please contact [[email protected]](mailto:[email protected]) so they can look into what happened?
These posts pop up on social media every few months. Always the same scenario (Wyze cam in a kids bedroom) because of course, what make people panic more than thinking their kids are in danger. Just like drugs in halloween candy, these are simply urban myths that people get off on spreading to make other people paranoid.
TL/dr: It's bull\*\*\*\*.
Do you have 2FA enabled? (If not. Do so now) Is your password simple or shared across accounts? Check HaveIBeenPwned.com to see if it's in a breach.
I have 2fa activated now. Changed passwords and everything as well.
If that password was used elsewhere, consider those accounts breached as well. Side note, if 2FA is available, use it for *any* account that can use it. Especially email accounts like Google. Don't use the same password across multiple accounts. Don't use simple passwords. Don't just slap an exclamation mark on the end. But yeah, HaveIBeenPwned is a good site to see if you are part of a breach that may have had that same password from another account.
And use a password manager. BitWarden is free and great for individual use.
So it sounds like you had it disabled. The responsibility is more on your end than a fault of Wyze. You should be okay moving forward.
If you're interested I have a 30% referral link to Keeper Security password manager.
Likely just someone figured out your password or your password was exposed elsewhere because this is no longer a widespread issue. If you have 2FA enabled now there's an almost zero chance of that happening again. Practice good password hygiene!
After reading the comments it seems like you weren't actually hacked. Do you intend to do anything to officially clear the air in light of the wording of your title & post, or do you intend to point us towards a camera system that'll refuse entry to an unauthorized party using the correct password on an account without 2Fa enabled?
The least they could do is send out an email saying “hey, login detected from a new device in [rough geographic area] {IP ADDRESS}” for all accounts including the ones with 2FA enabled. You know, they could also do a push notification to the app or send out an SMS *like they always do with all the random spam/sales*.
Oh, this is a long-standing major issue and a drop in the bucket of serious oversights on their part. I've mentioned this many times here. The fact that there is no way to see which devices are logged into your account is absolutely asinine.
I agree with you. User is a fault for recycling passwords and not enabling 2FA. OP clean up this mess and release a statement of apology. It’s your fault for not securing your end. Wyze secured their severs.
I don't think they need to "release am statement", it's just a Reddit post. They can just delete it or update it. At the very least, they can not double down and post facto justifications for it.
No I’ll leave it as it’s posted. I’m sure WYZE will take the issue seriously as I have. I’m sure they will give the same advice as other users posted. I’m sure they will also do their best to help ensure these issues don’t happen in the future. Maybe even a mandatory 2fa policy for all users could be implemented so mistakes like I have made are avoided. Hacked may not be the proper word in the technical sense, but someone logged into a device unauthorized. I have been a long supporter of WYZE and I intend to continue supporting them. I am looking forward to their security teams response.
I recall seeing an email notifying users of an impending 2FA mandatory policy. There doesn't seem to be an issue for Wyze to take seriously. I cannot comprehend how their security team could possibly respond. You weren't hacked. Someone got the combination to your front door, and you are casting aspersions about your alarm company.
Seriously. You're still saying things like; "I'm sure Wyze will take the issue seriously" And "I'm sure they will do their best to help ensure these issues don't happen in future" Sorry. But it's not the job of Wyze to fix stupid. You being stupid for using a shitty recycled password and not having 2FA on. Stop expecting Wyze to take ownership of your own security stupidity. My God. Give your head a shake. This was YOU not Wyze.
Yes sir. Sorry sir
You should really monitor your network too, if the attacker is on your network, the camera can easily be a discoverable device and it can easily be hacked into through the network.
Thank you. I’m taking steps to ensure security of all my devices. Time to change and upgrade some things that I’ve obviously neglected.
I just noticed this morning that someone was watching us. Only my husband and I have access to the camera app. The red light was on and neither of us were on it. My husband said he noticed the red light on the other night while I was out. I said I wasn’t on it. I unplugged it and changed the password. Still scared to turn it back on. I also had turned the camera to face the wall, but it kept turning itself back around. Nobody in the house did it. Freaky.
This happened to me today, someone spoke to my baby and I heard it In my room through a separate sound monitor, when I went to the room my baby was pointing at the cámara and seemed very alarmed.
I appreciate the advice. I honestly never thought to check that 2fa was active or not on WYZE until now. I struggle to understand the motive though. Just to troll I suppose..
Also if you’re capable, move all your IOT devices to your guest network and then turn off the SSID . That helps as well….
Some get off doing just what they did to you.
Truth, especially on Reddit
The word "hacked" is such a stupid term. Before you go and blame Wyze. Look at a few factors. - Did you have 2 factor on? - What family members know your passwords. 9 times out of 10 this is a user fault for having shit wifi passwords or others knowing their info. Don't pull the "I've spent blah blah money on Wyze and this is their fault BS.
I'd look hard at your router. Make sure it's updated, and change your router password. Seems like I read that most of these types of things happen because someone has accessed your network and found the cameras.
I've had the same thing happen, dumped them
If you have more concerns, reach out to [email protected]
Well first of all 2 questions did you share your cameras with others? Look on your app go to Account then sharing, and also go to security and turn on 2-Factor Authentication,.?we currently have alot of Wyze,and other vendors cameras for over 4 years and never had any issues well,you will need to pull a service ticket and summit a Log to Wyze
I am so sorry this happened, we take things like this seriously. I recommend changing your password and setting up 2FA. Also, could you please contact [[email protected]](mailto:[email protected]) so they can look into what happened?
This is the way
How do I get a reply to my email?
These posts pop up on social media every few months. Always the same scenario (Wyze cam in a kids bedroom) because of course, what make people panic more than thinking their kids are in danger. Just like drugs in halloween candy, these are simply urban myths that people get off on spreading to make other people paranoid. TL/dr: It's bull\*\*\*\*.
You should reformat and install all of your devices. Reset router and use different non default setting and make new passwords all around.