[Updated 02-13-20] Data leak 12-26-2019

I too am getting the same errors as others have posted about. It is a bit frustrating, however, I do trust that Wyze is doing everything in their power to resolve this issue.

@WyzeDongsheng , I’ve been with you from almost the beginning, and I will continue to be a loyal customer. Thank you for always being so transparent. Keep up the good work.

1 Like

I did not receive any emails from Wyze.

Now when I try to log in it just says “Invalid Number Entered.” I didn’t enter any number.

In addition to any security issues, the login system seems to be broken too.

Can someone please tell me how I can control my cameras?

I was able to delete Wyze out of Alexa and then re-add it but Alexa will not run any of the Wyze devices

Wouldn’t it be less a load on ur local servers for OTP type 2FA instead SMS? Since the code is generated on a app on the users phone and not some SMS sever thing? OTP is far more secure anyway (separate topic i know).

I can control things via GA atm, but the WYZE app is still not functional.


yea i have not gotten any emails nor my folks account.
U cant control anything most likely until u can log into the app.
Try again tommorw.

Hmm, I’m not sure. Maybe try it again? I did it, and it worked fine for me. Did you follow these directions?

1 Like

Yep I’m new to Alexa so I actually had an Alexa or excuse me an Amazon rep walk me through it and it did not work.

The email seems to be slowly making its way, I got it a minute or two ago. The ‘invalid number’ error should be resolved by letting the service get caught up.

Actually, now and days we tend to recommend against changing passwords frequently, as most people have a natural tendency to either 1) reuse passwords across different accounts, and/or 2) turn “s@fep@55word” into “s@fep@55word2”, “s@fep@55word3”, etc…

Simply recycling old passwords or appending a single character to an existing password does not harden password entropy.

Today’s best guidance is to 1) use unique, 2) complex passwords (12+ characters, including alphanumeric and special characters) for every single account you have.

EDIT: typo

EDIT 2: Actually, social engineering is regarded as the number 1 way of gaining unauthorized access, and many enterprise organizations use phishing education (eg KnowBe4) to educate their user base. Without a doubt, end-users are the weakest link in the chain. Someone “sniffing packet data”, setting up stingrays, etc… tend to be targeted attacks and require much more sophistication to execute successfully.


I just tried again and it is working

1 Like

Excellent. Glad to hear it! :slight_smile:

1 Like

I agree.

That is not Wyze’s responsibility.

I would also suggest from wyze to provide different 2FA service options.

1 Like

what was said above was that no passwords were breached, just emails and other data…

Why would I need to re-authenticate on my app? It’s not like I’m signing into the app the first time and it needs to send a 2FA code.

Something else is up

Wyze reset all of the security tokens as a precautionary measure. So, in that sense, it is like you’re signing in for the first time.


You need to re-authenticate because as a security precaution WYZE is forcing everyone to login again

1 Like

When i re-connected GA to WYZE HOME, it did not ask for 2FA, just my normal login info via web page. The first time i did that few weeks ago, it did ask for it.

I’m not sure how that works with third-party services, to be honest.

New Wyze user here. Received multiple cameras yesterday for Christmas and hooked them up this morning. Mounted them this afternoon … and now this data breach is not allowing me to access the cams! Bummer.

I, too, am stunned that Wyze uses SMS-based 2FA, especially since it’s proven to lack any semblance of security. I’ll stop trying to login tonight and will try tomorrow. If not resolved by lunchtime PST then I’ll ask my wife and kids to return the cams to Amazon and I’ll buy others.

NOTE: I wanted these cams as I did the Indigogo for Camect, the multi-camera box and all video staying within my house vs. the cloud. As ex-Google engineers, I suspect they’ll take security seriously and I can use any of a few dozen cameras with the box and will have lots of options. Just sayin’…


Since the alledged data breach and forced log in, all of my devices are gone in the app. Not good for a security system on both accounts.