Eufy Is Uploading ”Local Only” Data to the Cloud

Disclosure: This post contains affiliate links. If you click through and make a purchase, I will earn a commission, at no additional cost to you. Read my full disclosure here.

Eufy, a company with a dubious security history, seems to be causing alarm yet again. Amidst Black Friday sales and discounted products, customers are left without clear guidance or response from the company. Information Security Consultant Paul Moore ignited the conversation with a series of tweets and a video demonstrating Eufy's concerning behaviour.

Contents

YouTube video

Eufy’s Unsettling Actions

According to the video shared by Paul Moore, Eufy's doorbell appears to upload images of faces, each with a unique ID, to an AWS server, along with the video's thumbnail. The data is stored unencrypted and potentially accessible to anyone. This cannot be dismissed as a mere accident or bug.

A statement from Eufy's website: “Your Privacy is Our Priority We are taking every step imaginable to ensure your data remains private with you. Whether it is your newborn crying for mum, or your victory dance after a game, your recorded footage will be kept private. Stored locally. With military-grade encryption. And transmitted to you, and only you. That is just the start of our commitment to protect you, your family, and your privacy.”

Eufy’s Troubled Security Past

Eufy's security track record isn't exactly stellar. A software bug reportedly exposed the camera feeds of 712 customers to strangers. It took Eufy two days to acknowledge the problem and issue a statement, leaving many users in the dark about their privacy being violated.

Additionally, some users found that resetting a camera using its button would erase all footage recorded by the device, even if stored on a HomeBase. Eufy confirmed that this is expected behaviour, which raises concerns about potential criminal exploitation.

Earlier this year, Bitdefender researchers uncovered multiple vulnerabilities in Eufy's 2K Indoor Camera. The company claims to have addressed the issues before the report was made public.

A Brief Look at Eufy

Eufy, operating under the motto “Smart Home Simplified”, is a subbrand of Chinese company Anker Innovations, known for their batteries and docking stations. With such questionable data practices and security issues, potential customers should proceed with caution when considering Eufy's products.

A portrait photo oif Liam Alexander Colman, the author, creator, and owner of Home Assistant Guide wearing a suit.

About Liam Alexander Colman

is an experienced Home Assistant user who has been utilizing the platform for a variety of projects over an extended period. His journey began with a Raspberry Pi, which quickly grew to three Raspberry Pis and eventually a full-fledged server. Liam's current operating system of choice is Unraid, with Home Assistant comfortably running in a Docker container.
With a deep understanding of the intricacies of Home Assistant, Liam has an impressive setup, consisting of various Zigbee devices, and seamless integrations with existing products such as his Android TV box. For those interested in learning more about Liam's experience with Home Assistant, he shares his insights on how he first started using the platform and his subsequent journey.

Leave a comment

Share to...