Hacker Turns Up Nest Thermostat, Plays Vulgar Music Through Family’s Camera

Google says the Nest smart home products were hacked due to the use of previously compromised passwords, not a breach of its own devices.

MILWAUKEE — Smart home products provide us with numerous benefits to make our lives more convenient. However, that convenience can come with a price.

It’s no secret that in spite of the benefits of smart home products, they can also be prone to hacking. This isn’t lost on consumers.

According to Parks Associates, 79% of US broadband households are concerned about data security or privacy issues. These concerns are no doubt fueled by horror stories of hackers speaking to people through their smart home cameras.

The latest incident happened last week when Samantha Westmoreland returned home from work to find her Nest thermostat turned up to 90°. She turned the temperature back down assuming it was a glitch. However, it would soon rise again and that’s when she heard a voice.

Westmoreland told Fox Now 6 a voice spoke to her from her Nest security camera and then began playing vulgar music. She and her husband changed their passwords but the issue persisted.

They also contacted their internet provider for a new network ID, assuming someone hacked into their WiFi network and then their Nest cam.

The local news station reached out to Google about the incident and received the following response:

Nest was not breached. These reports are based on customers using compromised passwords (exposed through breaches on other websites). In nearly all cases, two-factor verification eliminates this type of security risk.

Nest users have the option to migrate to a Google Account, giving them access to additional tools and automatic security protections such as Suspicious activity detection, 2-Step Verification and Security Checkup. Millions of users have signed up for two-factor verification.

Free and easily attainable resources such as the Shodan search engine make it easy for literally anyone to view Internet-connected devices. It’s imperative that we all utilize cybersecurity best practices to protect both our homes and customers.

As Google mentioned in the statement above, don’t use simple or compromised passwords and always turn on two-factor verification when possible.

About the Author

Contact:

Steven A. Karantzoulidis is the Web Editor for Security Sales & Integration. He graduated from the University of Massachusetts Amherst with a degree in Communication and has a background in Film, A/V and Social Media.

Security Is Our Business, Too

For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add sales to your bottom line.

A free subscription to the #1 resource for the residential and commercial security industry will prove to be invaluable. Subscribe today!

Subscribe Today!

One response to “Hacker Turns Up Nest Thermostat, Plays Vulgar Music Through Family’s Camera”

  1. Larry D Turner says:

    I have seen this story repeated so many times over the past week.

    I am sure the the end users used weak passwords, orthe same password and username combination for multiple sites. This can and will lead to issues (hacking).

    I bet the username was admin and the PW was password!

    I encourage customers, family and friends to chnage the default username and password. And to change the password at least every 2-3 months.

    I have nest devices (doorbell, thermostats, smoke detector). I’m not migrating to my Google account, unless forced to.

Leave a Reply

Your email address will not be published. Required fields are marked *

Get Our Newsletters