Security News > 2023 > March > Eufy security cams 'ignore cloud opt-out, store unique IDs' of anyone who walks by
A lawsuit filed against eufy security cam maker Anker Tech claims the biz assigns "Unique identifiers" to the faces of any person who walks in front of its devices - and then stores that data in the cloud, "Essentially logging the locations of unsuspecting individuals" when they stroll past.
All three suits allege Anker falsely represented that its security cameras stored all data locally and did not upload that data to the cloud.
Moore went public with his claims in November last year, alleging video and audio captured by Anker's eufy security cams could be streamed and watched by any stranger using VLC media player, that famed open-source fave with the white-and-orange-striped traffic-cone logo.
He claimed the devices were uploading video thumbnails and facial recognition data to Anker's cloud server, despite his never opting into Anker's cloud services and said he'd found a separate camera tied to a different account could identify his face with the same unique ID. The security researcher alleged at the time this showed that Anker was not only storing facial-recog data in the cloud, but also "Sharing that back-end information between accounts" lawyers for the two other, near-identical lawsuits claim.
According to the complaint [PDF], eufy's security cameras are marketed as "Private" and as "Local storage only" as a direct alternative to Anker's competitors that require the use of cloud storage.
Meaning, once recorded on one eufy Security Camera, those same individuals are recognized via their biometrics on other eufy Security Cameras.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/03/17/eufy_lawsuit/
Related news
- Cloud Access Security Broker Policy (source)
- Cloud Security Policy (source)
- Whitepaper: Reach higher in your career with cloud security (source)
- Transforming cloud security with real-time visibility (source)
- Top 5 Cloud Security Automations for SecOps Teams (source)
- Microsoft lost some customers’ cloud security logs (source)
- Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers (source)
- Apple Opens PCC Source Code for Researchers to Identify Bugs in Cloud AI Security (source)
- How AI Is Changing the Cloud Security and Risk Equation (source)