Billions of Records Including Passwords Leaked by Smart Home Vendor (Updated)
Sergiu Gatlan reports:
A publicly accessible ElasticSearch cluster owned by Orvibo, a Chinese smart home solutions provider, leaked more than two billion user logs containing sensitive data of customers from countries all over the world.
Orvibo provides its clients with smart solutions designed to help them manage houses, offices, and hotel rooms via smart systems that offer security and energy management, as well as remote control and data recording/analysis using a smart home cloud platform.
Read more on BleepingComputer.
Update of July 9: Orvibo comments (below) that this leak was secured on July 2 and that BleepingComputer had updated their reporting by now. It appears that their update was issued after this site’s post appeared. At the time of this publication, there was no update on BleepingComputer and there was no statement on Orvibo’s website about the incident. Nor did they seem to send this site any statement before now with a request for updating. There are a lot of updates to breaches on a daily basis. As a solo blogger, this site can’t always keep up with them all. Companies are encouraged to send updates by email to breaches[at]databreaches.net.