Nest issues warning to customers to fortify their accounts
Nest is telling customers to step up their security, in an email issued by Google’s smart home lead Rishi Chandra.
The email doesn’t specifically say why Nest users should further fortify their accounts, beyond that it’s “heard from people experiencing issues with their Nest devices” in recent weeks.
Chandra states that Nest was not breached, but says there is a risk that customers who use the same login credentials on multiple websites/platforms could be vulnerable if a breach were to happen elsewhere.
Read this: Your missing manual to everything Nest
While Chandra fails to note the specifics, there have been some recent incidents involving hackers gaining access to people’s Nest devices. The most notable was a recent case in Illinois where a family was taunted with racial slurs through a hijacked Nest smart camera.
In the email sent to customers this week, Nest lists several ways that people can improve the security of their accounts including 2-step verification, keeping their home router software up to date, and – for the love of God – choosing a better password.
On the whole it’s good advice, but Nest should really make customers do some of this during the setup process. Making 2-step verification mandatory would be a good start.
“We take protecting our users’ security very seriously,” wrote Chandra. “For added password security, the team looks across the internet to identify breaches and when compromised accounts are found, we alert you and temporarily disable access. We also prevent the use of passwords that appear on known compromised lists. While we can’t stop password breaches across the internet, we’re committed to limiting the impact of compromised credentials on Nest Accounts.