Unprotected Elasticsearch database exposes 2 billion user records from smart home devices
Friday, July 5, 2019
Security researchers, Noam Rotem and Ran Locar, from vpnMentor recently revealed in their report, that a Shenzhen-based Chinese IoT management platform company, Orvibo exposed its user database online without any password protection.
Ilia Kolochenko, founder and CEO of web security company ImmuniWeb, can go a step further than changing their passwords and “file a legal complaint and deactivate any remote management of their homes if it is doable.”
Yesterday, Orvibo responded by saying that they had secured the database. They said, “Once we received this report on July 2nd, ORVIBO’s RD team took immediate actions to resolve security vulnerability”.
The company said they have taken the following solutions to resolve the issue: Read Full Article
Forbes: Confirmed: 2 Billion Records Exposed In Massive Smart Home Device Breach