Two billion user logs leaked

In Opinions

Tomas Foltyn, security writer at ESET discusses the leak, which apparently has yet to be plugged, exposes a range of very specific data about users

A Chinese smart home solutions provider has been leaking billions of logs from devices managed via the company’s cloud platform, exposing a range of sensitive information about their users.

The database – which was found sitting an ElasticSearch server with no password protection – belongs to a Chinese company called Orvibo. The platform, called SmartMate, is used by customers from around the world to manage their Internet-of-Things (IoT) devices, including home entertainment and security devices, and energy management and HVAC systems. A maker of around 100 smart home or smart automation products, Orvibo claims to have a million customers, both individual users and businesses.

Researchers at vpnMentor, who discovered the misconfigured server in the middle of June and described their findings in this blog post, wrote that Orvibo has been notified of the issue several times since June 16. Per latest reports (few days back), the database remains exposed.

There is no evidence that cybercriminals have accessed the data, but with such abundance of identifying information the scope for abuse is practically endless.

Says ESET cybersecurity specialist Jake Moore: “Criminal groups may have been aware of this data exposure, but it is unknown if anyone has taken advantage of this leak yet and I’d hope it would be plugged quite quickly now it is out. What a criminal hacker could do with this goes as far as their imagination will take them”.

What data?
The user logs – no fewer than two billion of them, in fact – contain a collection of truly varied and very specific data. There are user IDs, family names and IDs, email addresses, hashed (but not salted) passwords, smart device details, precise location data, IP addresses, as well as account reset codes, which could be used to lock people out of their accounts.

Scheduling information for things such as smart lights is also there for anyone to see. Combined with the geolocation data, this might expose people to burglaries. In one case, a smart camera log contained “a message that was recorded word for word”, according to the analysis, complete with a host of screenshots showing redacted examples of the leaked data.


You may also read!

Dhrupad Trivedi joins A10 Networks as the new CEO

A10 Networks announced that Dhrupad Trivedi has joined the company as its new President and Chief Executive Officer. Lee


Qualys launches new Vulnerability Management, Detection and Response app 

Qualys, announced its new Vulnerability Management, Detection and Response (VMDR) app to provide customers with one streamlined workflow to scan, investigate, prioritize and neutralize threats. Comments


Threats from 5G connectivity

Trend Micro’s latest research explored the threats to 5G connectivity from SIM jacking, identity fraud, fake news, and poisoning


Join Our Newsletter!

Love SecurityMEA? We love to tell you about our new stuff. Subscribe to newsletter!

Mobile Sliding Menu