A company that makes various smart home products continues to leave customer passwords, emails, and other sensitive information exposed via a publicly accessible database.
The database, created by the Chinese company Orvibo, exposes 2 billion logs from customers and stems from a misconfigured server which does not require a password for access, reports ZDNet.
According to researchers at vpnMentor who discovered the leak, the database contains usernames, email addresses, passwords, and geo-locations and continues to be publicly accessible since their initial discovery in mid-June.
A popular smart home company based in China has left 2 billion customer logs containing password information, email addresses and more open to the public. Stock image
Researchers have repeatedly tried to notify Orvibo -- makers of smart locks, security cameras, smart bulbs, and more -- but have yet to receive a response. In all, the company manufactures more than 100 smart home products.
VpnMentor reports that the the breach appear to affect customers around the world including some in China, Japan, Thailand, the U.S., the U.K., Mexico, France, Australia, and Brazil.
'The amount of data available from Orvibo’s servers is enormous. It’s also highly specific, which shows just how much data smart home devices can collect about their users,' said vpnMentor in a report.
'According to the company, there are over a million users who have installed Orvibo products in their homes and businesses.'
Researchers point out that while Orvibo did make some attempt