Latest in Gear

Image credit: Engadget

Nest reminds owners to secure their cameras after creepy scares

Two-factor authentication is a thing, people... use it.
235 Shares
Share
Tweet
Share
Save

Sponsored Links

Engadget

In recent weeks, there's been a number of fairly alarming reports coming from Nest users about cameras being taken over by "hackers" who use their access to broadcast potentially terrifying messages (or even asking Alexa speakers to play Justin Bieber). The more tech-savvy among us may recognize that this isn't a security failure on Nest's part, but rather tricksters finding that they're able to log in to strangers' Nest accounts with usernames and passwords that have been gathered and distributed around the internet.

It turns out these stories have gained enough traction for Nest to address the issue: Nest VP Rishi Chandra sent an email to users today to reiterate that the company's devices have not been hacked and that there are some simple tips they can take to increase security. Foremost among those is turning on two-step verification and, of course, using a strong and unique password for your Nest account.

Chandra also clearly walks users through how their cameras could be compromised without it being Nest's fault:

For context, even though Nest was not breached, customers may be vulnerable because their email addresses and passwords are freely available on the internet. If a website is compromised, it's possible for someone to gain access to user email addresses and passwords, and from there, gain access to any accounts that use the same login credentials. For example, if you use your Nest password for a shopping site account and the site is breached, your login information could end up in the wrong hands. From there, people with access to your credentials can cause the kind of issues we've seen recently.

His message also suggests setting up family accounts, rather than sharing an email and password with multiple members of the family who might need access to Nest. Similarly, he also says users should keep their routers secure and up-to-date and to keep eyes peeled for phishing email schemes.

These are all reasonable tips, and one all users should take heed of, but the fact that it was necessary for Nest to send this email in the first place suggests the company let this story get away from it to some extent. Still, there isn't much the company can do about its customers re-using insecure passwords. Indeed, Chandra said in his email that Nest proactively alerts customers. when their credentials are found in data breaches and temporarily disables access to accounts.

In this article: gear, google, nest, nestcam, security
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
235 Shares
Share
Tweet
Share
Save

Popular on Engadget

The best consoles, games and accessories for students

The best consoles, games and accessories for students

View
Ewan McGregor will play Obi-Wan Kenobi again in a new 'Star Wars' show

Ewan McGregor will play Obi-Wan Kenobi again in a new 'Star Wars' show

View
'Clone Wars' returns on Disney+ in February

'Clone Wars' returns on Disney+ in February

View
Watch the first trailer for Disney's 'The Mandalorian'

Watch the first trailer for Disney's 'The Mandalorian'

View
A first look at Disney+

A first look at Disney+

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr