Sign up for our free weekly newsletter to get the best safety news, product info, and deals.
Security School: Latest Home Security Breaches and Responses
SafeWise experts have years of firsthand experience testing the products we recommend. Learn how we test and review.
By signing up, you agree to our Terms and Conditions and Privacy Policy.
Why track security breaches?
It's only natural to expect security companies to prioritize protecting their customers, but this isn't always the case. Whether you’re holding the magnifying glass up to skipped security measures, sold customer data, or questionable business practices, there's a lot that security companies can improve.
We're not here to accuse companies of misconduct without evidence. We just want to promote awareness so you can make informed decisions and companies can raise their standards.
At SafeWise, we spend most of our time writing reviews and guides, so we can't devote our resources to reporting on current events in the same way as other websites. But, behind the scenes, we’re scouring the news to learn about company reputations as part of our methodology.
Consider this an invite to check out our virtual sticky notes on the latest in home security news.
We understand the effort and skill that goes into this kind of journalism, so we recommend exploring the full articles using the links in each summary.
Check back occasionally, and you might find something new on our list. For tips and advice, check out our guide to preventing smart home hacking.
Recent hacks and breaches
Because the digital world is flooded with talk of hacks and breaches, we decided to break our findings into two categories: breaches and research on preventing them.
Here are some tips from our guide to preventing smart home hacking:
- Choose devices wisely.
- Change your default username.
- Use strong passwords.
- Use two-factor authentication.
- Avoid public Wi-Fi for remote access.
- Check app permissions.
Breaches
Accidental breaches tend to result from human error, lax policies, or underinvesting in security technologies. You see these breaches when companies skip steps like these:
- Sensitive data encryption
- Strong password requirements
- Enhanced features like two-factor authentication
Deliberate breaches happen when determined hackers bypass customers to attack companies directly. By intentionally exposing sensitive data or degrading services' effectiveness, hackers want a big payout or simply to spread fear.
Merkury Innovations and Geeni
Source: Tonya Riley, Aaron Schaffer, Washington Post, "The Cybersecurity 202: Smart Home Devices with Known Security Flaws Are Still on The Market, Researchers Say," February 2021. Accessed February 23, 2021.
Ring (Amazon)
Source: Zack Whittaker, TechCrunch, "Amazon’s Ring Neighbors App Exposed Users’ Precise Locations and Home Addresses," January 2021. Accessed February 23, 2021.
Source: Dalvin Brown, USA TODAY, "Amazon's Ring Fires Four Employees for Snooping on Customers' Doorbell Camera Video Feeds," January 2020. Accessed July 30, 2020.
Source: Jon Fingas, Engadget, "Amazon, Ring Face Lawsuit over Alleged Security Camera Hacks," December 2019. Accessed July 30, 2020.
ADT
Source: Kaley Johnson, Fort Worth Star-Telegram, "ADT Employee Spied on Hundreds of Dallas-Fort Worth Families for 7 years, Company Says," May 2020. Accessed July 30, 2020.
Various security camera brands including Google Nest
Source: Alex Scroxton, ComputerWeekly.com, "Sextortion Campaign Hits Nest Home Security Cameras," January 2020. Accessed July 30, 2020.
Sextortion is when criminals acquire or claim to possess sexual video or photos of an individual. They use this as leverage to coerce payments in exchange for not posting the images online.
Wyze Labs
Source: Nicole Karlis, Salon.com, "A Huge Security Camera Company Just Had a Huge Security Breach," January 2020. Accessed July 30, 2020.
Research to prevent breaches
Security researchers help companies by discovering possible breach tactics before they occur. The research primarily focuses on the technology behind breaches and often informs the security strategies of businesses.
These finds aren't as practical for everyday consumers, but you can pull them out of your back pocket to sound smart at your next dinner party.
2020 Xfinity Cyber Health Report
Source: Comcast, "2020 Xfinity Cyber Health Report," November 2020. Accessed February 23, 2021.
Various security camera brands including Google Nest and Xiaomi
Source: Jack Guy, CNN, "Security Cameras Can Tell Burglars When You're Not Home, Study Shows," July 2020. Accessed July 30, 2020.
iBaby Labs
Source: Sara Morrison, Vox Media, "The Case against Smart Baby Tech," March 2020. Accessed July 30, 2020.
Philips Hue
Source: Aaron Mamlit, Digital Trends, "Hackers May Attack Home Networks through Philips Hue Smart Bulbs Vulnerability," February 2020. Accessed July 30, 2020.
Culture and government
Governments carry an absolute responsibility to protect citizens, so it's important to recognize potential security failures when they crop up. Here are some activities, laws, and regulations to think about.
IoT Cybersecurity Improvement Act
Source: Andrew Silberman, Security Boulevard, "A Step in the Right Direction: The IoT Cybersecurity Improvement Act," February 2021. Accessed February 23, 2021.
Source: Alfred Ng, CNET, "Lawmaker Questions Google's CEO about Geofence Warrants," July 2020. Accessed July 30, 2020.
Ring (Amazon)
Source: Jason Kelley, Matthew Guariglia, Electronic Frontier Foundation, "Amazon Ring Must End Its Dangerous Partnerships with Police," June 2020. Accessed July 30, 2020.
Police-tracking apps
Source: Laura Hautala, CNET, "Police-tracking Apps Are More Popular than Ever Thanks to the Protests," June 2020. Accessed July 30, 2020.
Questionable business practices
While we understand that businesses first and foremost aim to maximize profits, that can create stumbling blocks for customer experience and lead to privacy pitfalls.
Amazon and Google
Source: David Priest, CNET, "Smart Home Developers Raise Concerns about Alexa and Google Assistant Security," March 2020. Accessed July 30, 2020.
Ring (Amazon)
Source: BBC, "Ring Doorbell 'Gives Facebook and Google User Data'," January 2020. Accessed July 30, 2020.
Source: Mark Huffman, ConsumerAffairs, "Amazon Engineer Goes Public with Criticism of the Ring Doorbell Security System," January 2020. Accessed July 30, 2020.
Responses and improvements
Breaches usually lead to improvements if companies are willing to learn from their failures. Here are some examples of companies improving things after a breach (it doesn't even have to be their breach).
Ring (Amazon)
Source: Scott Ikeda, CPO Magazine, "Following a Year of Privacy Worries and Security Breaches, Ring Implements End-to-End Encryption," January 2021. Accessed February 23, 2021.
Source: Dan Seifert, The Verge, "Ring Adds Privacy Dashboard to App in Response to Security Concerns," January 2020. Accessed July 30, 2020.
Amazon, IBM, and Microsoft
Source: Rebecca Heilweil, Vox Media, "Big Tech Companies Back Away from Selling Facial Recognition to Police. That’s Progress.," June 2020. Accessed August 12, 2020.
Blink (Amazon) and Arlo
Source: Thomas Ricker, The Verge, "Arlo and Blink Cameras are Boosting Security to Beat Hackers," March 2020. Accessed July 30, 2020.
Google Nest
Source: Allison Matyus, Digital Trends, "Nest Makes Two-Factor Authentication Mandatory for its Smart Home Devices," February 2020. Accessed July 30, 2020.