More than two billion user logs containing information on Chinese home solutions company Orvibo’s customers were leaked after a database was left exposed.

The company sells a portfolio of 100 smart solutions to manage energy and security systems, such as lighting systems, home entertainment devices and HVAC, in homes, offices and hotel rooms via a smart home cloud platform. 

Among the customer data exposed by the unprotected ElasticSearch cluster were: email addresses, passwords, user geolocation, conversations recorded with smart cameras, usernames and IDs, IP addresses, account reset codes, device names, identities of devices accessing accounts, schedules, and family names and IDs, according to vpnMentor researchers, led by Noam Rotem and Ran Locar, who discovered the database.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.