Wyze partly blamed AWS for the problem in an email it sent to customers as it admitted the issue
(Image credit: Future)
If you hop onto Reddit you'll see a lot of angry Wyze users discussing their intention to ditch the platform after a security breach. The thing is, you'll need to check the date because there was a previous wave of anger relating to a privacy mistake that came back in September 2023.
That wasn't the first, either. The cameras had been found to have vulnerabilities continuously and even Wyze discouraged use of the first-generation product after Feb 2022. It was the respectable New York Times' decision to very publicly withdraw its previous recommendation of the Wyze brand of cameras (only a year and a half later) that got people talking. Their principal concern was not so much that Wyze had suffered a technical issue but that it had been slow to address it and used the most discrete channel as possible to discuss it; the user forums, not exactly building trust.
Here we are again and, yet again, Wyze seem to have adopted a slightly patchy approach when it comes to communicating with their customers. First Wyze co-founder David Crosby told tech site The Verge "at least a dozen users were able to briefly see into a stranger’s property because they were shown an image from someone else’s camera."
A bit over an hour after the first report Wyze turned off the thumbnail feature – the basis of reviewing events. Wyze have blamed the security problem – and blamed it on AWS, the hosting platform it uses. (You can see the service advisory log). Three days later, on the 19th, Wyze's investigation update added the detail that the cause of the issue was "a third-party caching client-library" they had recently added into their software, which in turn was overloaded by the outage – in other words, AWS's share of the blame, if any, can only be directed at the outage – not the privacy blunder it unearthed.
In a discussion on Reddit, a user identifying herself as a 23 year old girl who keeps cameras in her house to monitor her pets says she received this message from Wyze: “We've identified your Wyze account as one that was affected. This means that thumbnails from your Events were visible in another Wyze user's account and that a thumbnail was tapped. Most taps enlarged the thumbnail, but in some cases it could have caused an Event Video to be viewed.”
Others have reported they received a message stating "Your account and over 99.75% of all Wyze accounts were not affected." At least knowing that the opposite of this message exists means, if you've received the 99.75% message, you can now be more confident that you might have been.
The best camera deals, reviews, product advice, and unmissable photography news, direct to your inbox!
Wyze Cam v3 (Image credit: Wyze)
This incident won't do Wyze any favors – not that they have ever shared any of their cameras with us to review anyway. Weirdly Amazon, owners of AWS, do stand to benefit as they also own Ring and Blink, two major competitors who appear on or guides to the best security cameras.
With over 20 years of expertise as a tech journalist, Adam brings a wealth of knowledge across a vast number of product categories, including timelapse cameras, home security cameras, NVR cameras, photography books, webcams, 3D printers and 3D scanners, borescopes, radar detectors… and, above all, drones.
Adam is our resident expert on all aspects of camera drones and drone photography, from buying guides on the best choices for aerial photographers of all ability levels to the latest rules and regulations on piloting drones.
