As reported by Bleeping Computer, Chinese smart home solutions provider Orvibo leaked more than two billion user logs containing usernames, passwords, home addresses and control information from users all over the world. The Chinese tech company offers consumers connected home products to allow them greater control over their residences, offices and hotel rooms via integrated systems able to control things like door locks, HVAC systems and home electronics.
A compromise of this nature rattles consumers on a tangible level. While the compromising of data on the abstract level – i.e. credit card breaches and credit reporting hacks – is harmful, a data breach allowing intruders to control your home security makes the intrusion all the more ‘real’ for the consumer. Billions of accounts all over the world were leaked and in turn compromised by Orvibo, with information like usernames, passwords, and home addresses. Since the data stored by the company includes lock information, the data breach becomes even more dangerous for the consumer. Perpetrators armed with this data would be able to locate the homes of account holders, then unlock the smart locks homeowners rely on to secure valuables and ensure their personal safety.
This data breach is yet another example of Chinese technology lacking the operational security required to ensure user safety. Orvibo was able to attract customers through the promise of low prices and a connected home, later leaving those same customers stranded with compromised technology and a loss of trust in their equipment. Much like what Americans face when using Chinese technology from Huawei and Lenovo, Orvibo customers are now left wondering exactly who has access to their most sensitive information.