Security researcher says Eufy has a big security problem

What you need to know

  • Security researcher Paul Moore has discovered several security flaws in Eufy’s cameras.
  • User images and facial recognition data are being sent to the cloud without user consent, and live camera feeds can purportedly be accessed without any authentication.
  • Moore says some of the issues have since been patched but cannot verify that cloud data is being properly deleted. Moore, a U.K. resident, has taken legal action against Eufy because of a possible breach of GDPR.
  • Eufy support has confirmed some of the issues and issued an official statement on the matter saying an app update will offer clarified language.

Update Nov 29 11:32 am: Added Paul Moore’s response to Android Central.

Update Nov 29 3:30 pm: Eufy issued a statement explaining what’s going on which can be seen below in Eufy’s explanation section.