Misconfiguration exposes Virtavo security cam user data

Share This Post



Cybernews reports that security camera maker Virtavo had information from more than 100,000 users of its Home V App for iOS, most of whom are in China, potentially exposed as a result of a misconfigured Elasticsearch server that was secured nearly two months after disclosure.

Over 8.7 million records, many of which are duplicates, were discovered within the server, including user phone numbers, network information, device identifiers, performance metrics, and other personal details, according to Cybernews researchers. “The device identifiers, such as MAC addresses, point to Virtavo as a vendor. This information could potentially help to exploit Virtavo cameras and identify their owners. The exposure of this data highlights significant lapses in data security practices,” said researchers, who also noted Virtavo’s excessive data gathering activities. Such a development should prompt organizations to not only ensure the security of their Elasticsearch instances but also conduct data encryption and access monitoring activities while adhering to the principles of data minimization.



Source link

Subscribe To Our Newsletter

Get updates and learn from the best

More To Explore

Do You Want To Boost Your Business?

drop us a line and keep in touch