UK Daycare Webcam Service Shuts Down After 12,000 User Email Addresses Are Leaked Online
A threat actor dumped 12,000 email addresses of NuseryCam users online last Friday, prompting the service to suspend operations.
NurseryCam is a remote webcam service used by around 40 daycare centers across the UK, allowing parents to watch and monitor their children’s activities.
News of the breach reached NurseryCam after the attacker notified the Register that he obtained the names, email addresses, usernames and hashed passwords of users. After verifying the leaked credentials with the help of IoT security expert Andrew Tierney, the media outlet immediately notified NurseryCam’s developers.
“A hacker contacted El Reg on Friday to say they had obtained real names, usernames, what appeared to be SHA-1 hashed passwords, and email addresses for 12,000 NurseryCam users’ accounts â€“ and had then dumped them online,” the online publication said. “Although this person claimed to have “redacted” those details, the redaction was so poor it was trivial to figure out the real names and contact details of NurseryCam’s parent users.”
NurseryCam services were suspended on Saturday, and the company disclosed a possible data breach to the Information Commissioner’s Office (ICO), which is now investigating.
According to NurseryCam’s director Dr. Melissa Kao, the breach was possible due to an undisclosed vulnerability in the system, allowing the attacker to view and exfiltrate personal data including usernames, email addresses, names and hashed passwords.
“The person who identified the loophole has so far acted responsibly,” Kao said in statement for the BBC. “He stated he has no intention to use this to do any harm [and] wants to see NurseryCam raise the overall standards of our security measures.”
Were you a victim of a data breach? Find out with Bitdefender”s Digital Identity Protection tool.
Ultimate Privacy Guide for Your Facebook Account
August 31, 2021
7 Signs It’s Time to Use Parental Controls On Your Family’s Devices
August 27, 2021
Your Netflix Account May Be on Sale on Darkweb. Protect It
August 13, 2021
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US
July 16, 2021
How to protect yourself against cyberstalking
July 06, 2021