The idea of having a security camera in your house is to make you feel safe. Unfortunately for a family in Orinda, California, hackers managed to hijack their Nest security camera and gave the home quite the scare by issuing a fake emergency broadcast warning of an incoming nuclear attack from North Korea.
The Lyons family was hit with the unexpected warning on Sunday afternoon, according to an account provided to the San Jose Mercury News. Without warning, they heard a loud sound similar to the static-sounding squeal that comes before the start of an emergency broadcast alert coming from their Nest security camera. That noise was followed by a message that claimed three intercontinental ballistic missiles had been launched from North Korea and were heading to Los Angeles, Chicago, and Ohio. The alert claimed the United States was retaliating against Pyongyang for the attack, but warned people in the affected cities they had three hours to evacuate.
Needless to say, the message had the family panicking. Laura Lyons told Mercury News that the message sounded legitimate and it caused “five minutes of sheer terror and another 30 minutes trying to figure out what was going on.” The family looked for any sort of indication the attack was real, turning on the TV and flipping to news channels to see if there was any coverage of the supposed attack. The Lyons’ son hid under a rug while the adults called 911 and Nest’s customer service to determine if the warning was real. The family eventually determined the warning was likely the result of a third-party hack that allowed the attackers to hijack the family’s security camera.
In a statement provided to Digital Trends, a spokesperson for Nest insisted that the company “was not breached.” Instead, the hack was likely the result of a targeted attack against the family’s security setup, which may have reused an exposed password that was available online.
“These recent reports are based on customers using compromised passwords (exposed through breaches on other websites). In nearly all cases, two-factor verification eliminates this type of the security risk,” the spokesperson said. “We take security in the home extremely seriously, and we’re actively introducing features that will reject comprised passwords, allow customers to monitor access to their accounts and track external entities that abuse credentials.”