Google Blocks Xiaomi-Nest Integration Following Egregious Security Fail

It's been a rough couple months for makers of IP security cameras as no one seems to be able to keep user data secure. The latest issue that has sprung up involves Xiaomi cameras that are linked to a Google account. An owner has posted to Reddit that his Xiaomi Mijia camera and Nest Hub setup is receiving still images from the homes of random people. 

Images that the user claims to have found, and has offered photographic evidence of (seen here), include a sleeping man in a room and an infant sleeping in their bed. The Reddit user goes by /r/Dio-V and says that the camera in use is a Xiaomi Mijia 1080p Smart IP Security Camera that is linked to a Google account to use with Google/Nest through the Xiaomi Mi Home app/service. The user goes on to say that the Nest Hub and the camera were purchased new.

When he tried to play back footage from his camera, he says, a random, occasionally partially corrupted black-and-white still image from another home appeared instead. It's unclear if the three images the Reddit user provided as proof of his claims are all from the same house or all from separate homes. The user did say that the pictures show a different time zone than his own. There is a chance this is all a hoax, but it would be an elaborate one.

Google is taking no chances and has terminated Xiaomi's integration on Google devices. Google also noted it has reached out to Xiaomi and is working on a fix. The Reddit poster has confirmed that the camera no longer works on his Nest Hub. For its part, Xiaomi has issued the following statement:

Xiaomi has always prioritized our users' privacy and information security. We are aware there was an issue of receiving stills while connecting Mi Home Security Camera Basic 1080p on Google Home hub. We apologize for the inconvenience this has caused to our users.

Our team has since acted immediately to solve the issue and it is now fixed. Upon investigation, we have found out the issue was caused by a cache update on December 26, 2019, which was designed to improve camera streaming quality. This has only happened in extremely rare conditions. In this case, it happened during the integration between Mi Home Security Camera Basic 1080p and the Google Home Hub with a display screen under poor network conditions.

We have also found 1044 users were with such integrations and only a few with extremely poor network conditions might be affected. This issue will not happen if the camera is linked to Xiaomi's Mi Home app.

Xiaomi has communicated and fixed this issue with Google, and has also suspended this service until the root cause has been completely solved, to ensure that such issues will not happen again.

Recently Ring had an issue where it leaked the credentials of 3,600 Ring Camera owners. Wyze also had an issue where it leaked user data.