Safetech makes both padlocks and door locks, each available on Amazon. According to the New York AG's office, independent security researchers found that the company's locks did not secure passwords or other security information in its locks, which left customers open to hacking and theft.
"Companies employing new technologies must implement and promote good security practices and ensure that their products are secure, including through the use of encryption," Schneiderman said in a statement. "Together, with the help of companies like Safetech, we can safeguard against breaches and illegal intrusions on our private data."
While this may be the first time an attorney general has taken legal action against a smart lock company like this, it won't likely be the last. Kwikset was sued recently for its Smart key lock's alleged culpability in the rape and murder of a young woman in Florida by the building security guard. While not a true smart lock, the lock in question has a programmable cylinder that can be made to work with any key, which can be used to give temporary access to anyone. It's also easily broken into with a screwdriver and a paper clip.
As we all turn to smart devices and the Internet of Things in our lives, it becomes even more important to make sure we're being protected from both hackers and ourselves. The settlement with Safetech could be the first big step towards companies building better security into their smart devices.