eufy Camera Live Feed Security Breach

Ashh77 on 17/05/2021 - 22:23
Last edited 18/05/2021 - 09:34 by 1 other user

Just a PSA. If you have any eufy cameras inside your home, especially around kids it is recommended that you disconnect it. They’re currently experiencing massive security breach related issues where users from around the world are able to see other cameras.

Confirmed by 9to5mac https://www.google.com.au/amp/s/9to5mac.com/2021/05/17/huge-…

---

Update: thanks to Applause.

Dear eufy Security Users:

A software bug occurred during our latest server upgrade at 4:50 AM EST today. Our engineering team recognized this issue at around 5:30 AM EST, and quickly got it fixed by 6:30AM EST.

We recommend that all users:

Please unplug and then reconnect the device.
Log out of the eufy security app and log in again.
For any questions, users can contact our support team at [email protected].

https://communitysecurity.eufylife.com/t/statement-from-eufy…

• 

  jayboi on 17/05/2021 - 22:55

  Thanks for letting us know
  I have the floodlight cam and just checked the app and everything is normal, nothing was touched and no unusual events.
  Should I worry about this affecting me?

  • 

    SF3 on 17/05/2021 - 23:13

    -7

    floodlight cam

    You mean the one people thinks it looks like an human anatomy ?

  • 

    elgrande on 17/05/2021 - 23:20

    +30

    I checked your floodlight cam too. I can confirm it looks normal..

    • 

      Ashh77 on 17/05/2021 - 23:43

      Haha!

  • 

    Ashh77 on 17/05/2021 - 23:35

    +1

    I’m in the same boat. Mines were fine so I haven’t made any changes. Mind you, I don’t have any internal cameras so I’ve got nothing to hide regardless.

• 

  poiterbad on 17/05/2021 - 23:00

  Yeah my account was signed out on the app, had to log back in which I've never had to do before.

  I've unplugged my home base for now until it's resolved.

• 

  jwh on 17/05/2021 - 23:05

  I opened the app and it said my homebase is set up, but had no devices. I don't have a homebase…

  But then I clicked on devices and I could see my cam.

  I changed some settings on my device, then went back to my home screen and it it only shows my camera now.

  A bit of a worry!

  • 

    Ashh77 on 17/05/2021 - 23:43

    Other users have reported the same. Suspect Eufy is doing things in background to rectify.

• 

  Pecan on 17/05/2021 - 23:19

  +2

  Mine seem ok, I only have outdoor cams thankfully.

• 

  AlphaSquid1604 on 17/05/2021 - 23:19

  +1

  Whats the implication of this? Seems like pretty quiet on their front and doubt they would report it.

  So whats a consumers best course of action and is taking this back to the retailer and informing them of the issue an option?

  • 

    Ashh77 on 17/05/2021 - 23:44

    Good question. I’m sure the company have made it impossible to protect themselves from things like this.

• 

  tdth99 on 17/05/2021 - 23:24

  +5

  Someone in the comments has picked the likely issue. A backend server screw up.
  "Very much looks like that logged in users had some key stored locally and it got matched to different account. After logging out and back in they are issued new one and are back to their profile."

  Not a great look, but it happens to a lot of services and it's a pretty easy fix. I have these cameras but basically treat them as if they're always broadcasting on the public internet as a matter of course. No camera that's easily internet accessible is immune to this sort of issue.

• 

  Ashh77 on 17/05/2021 - 23:41

  Agreed. No response by Eufy which is disappointing.

  I wouldn’t be surprised if this is a simple upgrade and caching issue that’s caused it. Though it would of been ideal if EUFY addressed it immediately. On the other hand even if it was a breach, companies are prone to it no matter what size. We’ll have to wait and see.

  Personally I don’t have any internal cameras so I’m not too fussed but do feel for those that may have cameras inside the home.

• 

  Applause on 18/05/2021 - 01:58

  +4

  Eufy made a short comment about the incident on their community platform. https://communitysecurity.eufylife.com/t/statement-from-eufy…

  Dear eufy Security Users:

  A software bug occurred during our latest server upgrade at 4:50 AM EST today. Our engineering team recognized this issue at around 5:30 AM EST, and quickly got it fixed by 6:30AM EST.

  We recommend that all users:

  Please unplug and then reconnect the device.
  Log out of the eufy security app and log in again.
  For any questions, users can contact our support team at [email protected].

  • 

    AlphaSquid1604 on 18/05/2021 - 08:40

    +5

    I feel that statement is just not good enough for the sort of incident that happened.

    • 

      mbck on 18/05/2021 - 09:00

      +2

      Reminded me of shopback lol

      • 

        pegaxs on 18/05/2021 - 10:15

        +4

        No, Shopback are all good now. They are offing a lottery for random gift cards… and there was that $3 “we’re sorry” voucher that fixed everything…

        • 

          Switchblade88 on 18/05/2021 - 11:45

          +2

          @pegaxs: Pretty sure it's a lottery every time you try and make an unpaid cashback claim.

        • 

          DoctorCalculon on 18/05/2021 - 22:11

          +1

          @pegaxs: I am still getting scam calls from no caller IDs to this day, all of which started after the SB hack.

• 

  Hashstrid on 18/05/2021 - 10:11

  +3

  Yea i realised this issue last night, on my partners device we are conencted to someone in USA….

• 

  Actilux on 18/05/2021 - 12:05

  I lost my cameras last night. App only showed the homebase, had to reconnect the cameras as if starting from scratch.

• 

  lainey13 on 18/05/2021 - 22:57

  Had login issues over the last week, had 'unable to connect to application server' errors for days but my partner could login fine… I wonder if its related? Could only login properly yesterday…

• 

  AlphaSquid1604 on 28/05/2021 - 09:10

  FYI anyone who has purchased this system previously and no longer want it due to the breach. I quoted the consumer laws to the retailer (JB) i made the purchase from and they initiated a refund.

  I basically quote that the product no longer met "are of acceptable quality – the goods must be safe, lasting, have no faults, look acceptable and do all the things someone would normally expect them to do"