The issue seems to have affected only a small portion of Eufy security camera users in New Zealand, Australia, the US, and a few other countries. Eufy customers in Europe were not affected by the breach.
Eufy Users Had Complete Control Over Other Customer Accounts
The privacy breach was first noticed by Eufy users on Reddit who, to their horror, saw camera feeds from strangers upon opening the Eufy security app on their phone. More worryingly, users reported having complete access to a stranger’s Eufy account, including controlling their Eufy cameras, access to recorded footage, and even their address.
Eufy has already acknowledged the privacy breach saying it was caused by a “software bug” that occurred during a recent server update. The issue was discovered within an hour and fixed within a couple of hours.
Eufy recommends all users unplug and reconnect their security camera and then log out and log in again in the Eufy security app. The company’s customer care will also reach out to affected customers.
Eufy says the privacy breach affected only 0.001% of its users in the US, New Zealand, Australia, Cuba, Mexico, Brazil, and Argentina. It also clarified that Eufy baby monitors, smart locks, pet care products, and alarm systems were not affected by this security lapse.
Eufy issued the following statement to Android Police apologizing for the security breach:
Eufy Security Camera Owners Are Angry
Customers are also not happy with Eufy’s apology and the company not revealing what actually went wrong that led to this privacy lapse. The company is simply putting the blame on a “software bug” in its statement.
