Skip to main content

Eufy responds to huge privacy breach, attributes unauthorized camera access to server ‘bug’

As we reported earlier today, a huge Eufy privacy breach allowed users to view the live and recorded camera feeds of strangers. Eufy has now responded to this security breach, bizarrely attributing it to a “bug” that has since been fixed.

In a thread on Twitter, Eufy wrote:

A software bug occurred during our latest server upgrade at 4:50 AM EST today. Our engineering team recognized this issue at around 5:30 AM EST, and quickly got it fixed by 6:30AM EST.

The company goes on to say that all users should “unplug then reconnect” their Eufy cameras and “log out of the Eufy app and log in again.” Doing this should ensure that you only have access to your camera feeds in the Eufy app.

Eufy’s response is rightfully being criticized for not providing more details on what went wrong here. The company vaguely attributing this massive security issue to a “bug” does not help instill confidence in the platform going forward.

The company did provide some additional detail in a statement ot Macerkopf, saying that a server upgrade is what caused this issue and that it affected a “limited number” of users.

Due to a software bug during our last server upgrade today at 4:50 AM EST, a limited number (0.001%) of our users were able to access video feeds from other users’ cameras. Our development team recognized this problem around 5:30 AM EST and was able to fix it quickly by 6:30 AM EST.

The problem affected users at a small rate in the United States, New Zealand, Australia, Cuba, Mexico, Brazil, and Argentina. Users in Europe remain unaffected.

Our customer center will continue to contact those affected. eufy baby monitors, eufy Smart Locks, eufy alarm systems and eufy PetCare products remain unaffected.

We realize that as a security company we didn’t do good enough. We are sorry we fell short and are working on new security protocols and measures to make sure that this never happens again.

As we wrote this morning, this issue does not appear to have affected Eufy users who access the cameras exclusively with HomeKit Secure Video. If you have a HomeKit-enabled router, you can also restrict HomeKit accessories from accessing the internet at all.

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Chance Miller Chance Miller

Chance is the editor-in-chief of 9to5Mac, overseeing the entire site’s operations. He also hosts the 9to5Mac Daily and 9to5Mac Happy Hour podcasts.

You can send tips, questions, and typos to chance@9to5mac.com.

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications