Skip to main content

Amid security breaches, Nest urges customers to use stronger passwords

nest cam iq outdoor night
Image used with permission by copyright holder

The recent stories of Nest cameras being hijacked are like something from a nightmare. Imagine if a strange voice suddenly boomed out in your home or began to shout slurs and obscenities at you. Detailed accounts of incidents just like this have surfaced in recent weeks, most of which sound like a morality tale about the dangers of weak cybersecurity more than anything that might actually happen.

The more concerning issue, however, isn’t the security lapses, but the company’s response to them. “We’re reaching out to assure you that Nest security has not been breached or compromised,” Nest said in an email sent to its customers. “For context, even though Nest was not breached, customers may be vulnerable because their email addresses and passwords are freely available on the internet.”

Recommended Videos

In today’s world, everyone should be security conscious. Strong passwords are the modern-day equivalent of locking your doors at night. But even with that in mind, a company’s first response to major breaches shouldn’t be to say, “You need better security.” If Nest customers use the same email and password combination for their Nest account that they do for their email and other websites, any data breach could create vulnerabilities in any of their accounts.

Please enable Javascript to view this content

Nest supposedly takes actions to prevent these kinds of breaches from affecting their customers. In the same email, Nest said, “For added password security, the team looks across the internet to identify breaches and when compromised accounts are found, we alert you and temporarily disable access. We also prevent the use of passwords that appear on known compromised lists.”

The operative word is “known.” According to statistics, there were 668 known security breaches in 2018 and 1,579 breaches in 2017. It raises the question: How many breaches took place that weren’t discovered? The majority of data breaches are for-profit. After the breach, the hackers will sell the data to anyone interested in purchasing the information. If the breach contained no useful data, then it might never be detected.

The good news is that steps can be taken to prevent incidents like this from happening. Nest recommends enabling two-factor authentication to ensure no one can log in without a special code that will be sent each and every time you try to log in. Experts also recommend that anyone affected by the breaches make sure the hacker hasn’t added themselves to the Home Share plan, which will grant them access to your Nest account without a camera.

Even if you haven’t been affected by these incidents, it’s a good idea to enable two-factor authentication and take added steps to protect yourself. Even the more amusing incidents — like one hacker asking a homeowner’s Alexa to play Despacito — would be terrifying in the moment.

Patrick Hearn
Patrick Hearn writes about smart home technology like Amazon Alexa, Google Assistant, smart light bulbs, and more. If it's a…
Hackers take control of robovacs and use them to yell slurs
The Ecovacs T20 Omni docked in a living room.

The machines might one day rise against us, but for now, it's probably just a bored teenager. ABC News reported that Ecovacs Deebot X2 owners in multiple cities were victims of a cyberattack that resulted in someone taking control of their robot vacuums to yell hateful language at families and harass animals.

The hacks took place in May of this year in El Paso, Texas, Los Angeles, and Minnesota. When ABC spoke with Daniel Swenson, one of those affected, he said that a staticky sound erupted from his robovac. He said it sounded like a "broken-up radio signal," but that snippets of a voice could be heard. After resetting the device, the voice came back again and sounded like a teenager yelling racial slurs. Rather than reset the robovac again, Swenson turned it off.

Read more
Ring’s new Smart Video Search uses AI to quickly scour your motion history
Ring Smart Video Search on the mobile app.

Ring has revealed a new AI-powered feature called Smart Video Search that’s currently being tested in public beta. The goal is to make it easier than ever to find specific moments in your video history by allowing you to enter a text description of an event, which will then be used to scour your motion events for a clip that matches your input.

Smart Video Search uses a combination of Ring AI and Visual Language Modeling (VLM) to quickly search your video history based on a text description. For example, if you search for “red bicycle in the driveway,” your Ring app will automatically pull up any clips that feature -- you guessed it -- a red bike in your driveway.

Read more
Nest Learning Thermostat (4th Gen) vs. Nest Thermostat: Which smart thermostat is better?
Four Nest Learning Thermostats in a line.

The Nest Learning Thermostat (4th Gen) is the latest iteration of Google's premium smart thermostat, offering a bold new design and a wealth of new functionality. It carries a hefty price tag -- and depending on your needs, the more affordable Nest Thermostat might be the wiser option. But what exactly is the difference between the Nest Learning Thermostat (4th Gen) and Nest Thermostat?

From pricing and available colors to features and design, here's everything you need to know before making a purchase. And be sure to read our full fourth-generation Nest Thermostat review.
Pricing and design

Read more