Hacker Turns Up Nest Thermostat, Plays Vulgar Music Through Family’s Camera
Google says the Nest smart home products were hacked due to the use of previously compromised passwords, not a breach of its own devices.
MILWAUKEE — Smart home products provide us with numerous benefits to make our lives more convenient. However, that convenience can come with a price.
It’s no secret that in spite of the benefits of smart home products, they can also be prone to hacking. This isn’t lost on consumers.
According to Parks Associates, 79% of US broadband households are concerned about data security or privacy issues. These concerns are no doubt fueled by horror stories of hackers speaking to people through their smart home cameras.
The latest incident happened last week when Samantha Westmoreland returned home from work to find her Nest thermostat turned up to 90°. She turned the temperature back down assuming it was a glitch. However, it would soon rise again and that’s when she heard a voice.
Westmoreland told Fox Now 6 a voice spoke to her from her Nest security camera and then began playing vulgar music. She and her husband changed their passwords but the issue persisted.
They also contacted their internet provider for a new network ID, assuming someone hacked into their WiFi network and then their Nest cam.
The local news station reached out to Google about the incident and received the following response:
Nest was not breached. These reports are based on customers using compromised passwords (exposed through breaches on other websites). In nearly all cases, two-factor verification eliminates this type of security risk.
Nest users have the option to migrate to a Google Account, giving them access to additional tools and automatic security protections such as Suspicious activity detection, 2-Step Verification and Security Checkup. Millions of users have signed up for two-factor verification.
Free and easily attainable resources such as the Shodan search engine make it easy for literally anyone to view Internet-connected devices. It’s imperative that we all utilize cybersecurity best practices to protect both our homes and customers.
As Google mentioned in the statement above, don’t use simple or compromised passwords and always turn on two-factor verification when possible.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
About the Author
Steve Karantzoulidis, Web/Senior Editor
Steven A. Karantzoulidis is the Web Editor for Security Sales & Integration. He graduated from the University of Massachusetts Amherst with a degree in Communication and has a background in Film, A/V and Social Media.
Related Content
Security Is Our Business, Too
For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.
A FREE subscription to the top resource for security and integration industry will prove to be invaluable.
I have seen this story repeated so many times over the past week.
I am sure the the end users used weak passwords, orthe same password and username combination for multiple sites. This can and will lead to issues (hacking).
I bet the username was admin and the PW was password!
I encourage customers, family and friends to chnage the default username and password. And to change the password at least every 2-3 months.
I have nest devices (doorbell, thermostats, smoke detector). I’m not migrating to my Google account, unless forced to.
[…] stealing your privacy and autonomy. Ring isn’t the only device to have been hacked. Nest, Alexa, and baby monitors are just a few of the home devices that have bad actors have hacked and […]