After a string of reported cybersecurity issues, Nest has sent an email to its customers denying any security breaches. Many people are experiencing issues because their email addresses and passwords are easily accessible on the web, Rishi Chandra, Nest’s Vice President of Product wrote in the email. When websites are compromised, hackers can attain users’ email addresses and passwords. Subsequently, they can access any account that uses the same credentials.
In an email titled “Your Nest Account Security,” sent February 6, 2019, Nest denied any breaches or compromises of their system, instead blaming security issues on anonymous third parties. To prevent future attacks, Nest immediately alerts the user and disables their access if an account is found to be compromised. They also prevent the user from using passwords that are available on compromised lists.
The email also offered security tips for customers. To increase cybersecurity, users can enable two-step verification, choose strong, unique passwords for their Nest accounts, set up family accounts instead of giving others their usernames and passwords, look out for phishing emails, and keep home network routers up to date.
Many users of connected devices and smart home platforms have complained of cybersecurity breaches. In October, Amazon fixed 13 security flaws founded in an operating system used in their connected devices along with Amazon Web Services. The flaws would allow hackers to “crash devices, leak their memories, and run code remotely,” taking total control of the device.
Similarly in August T-Mobile had a security breach that affected nearly two million customers. Many clients’ passwords were compromised and T-Mobile’s cybersecurity department reported the event to the authorities. Other information that the hackers accessed includes customers’ names, billing addresses, phone numbers, email addresses, zip codes, and more. Just like with Nest, T-Mobile clients were urged to change their passwords. As connected devices become increasingly popular, more cybersecurity issues seem inevitable.