Security News > 2020 > January > Unprotected Database Leaks Data of Wyze Users
An unprotected database was found to have exposed the data of all Wyze users who created an account before December 26, 2019.
Following a report last week of an exposed database containing a great deal of information on Wyze users, the company stepped forward and confirmed the leak, while also revealing that it had launched an investigation into the matter.
Immediately after learning of the incident, Wyze pushed a token refresh to all users, forcing them to re-login and re-link integrations with Google Assistant, Alexa, and IFTTT. The next day, the company revealed that the exposed database, which contains only part of the data stored on the main production servers, was created on December 4, 2019, as part of an "Internal project to find better ways to measure basic business metrics like device activations, failed connection rates, etc."
In an update this week, the company revealed that a second unprotected database was discovered after the investigation was launched, adding that it was not a production database either.
Wyze did not provide details on the type of information included in that database.