[Updated 02-13-20] Data leak 12-26-2019

Using this forum, how do I respond to a previous partial post? Some people have figured this out. Those posts have a copy of a paragraph of a previous post…

My Alexa is working just fine FYI

Nope. You would need to create a new account with the new email address and reconnect all cameras to that account.

How did you “paste” the post from Wyze into this post?

No, I’m not a Wyze employee, just a Wyze customer and forum volunteer. I can speculate on reasons like anyone else, but unfortunately I have to wait for the official word from Wyze like everyone else :upside_down_face:

I can’t say for sure what is true, but as an informed consumer and IT professional, I can consider all the facts that have been presented (making a personal choice not to believe unverified claims until further evidence is presented) and take protective measures. Right now, with the evidence I have, it is my personal opinion that nothing that was leaked was of enough consequence to warrant any panic on my part.

It’s difficult to sit and wait, not knowing if tomorrow will reveal some additional leak, breach, or worse, but ultimately that’s what we all have to do until Wyze and the security firm they’re working with have completed a thorough investigation.

4 Likes

My understanding is that there was some residual Alexa token cleanup by Amazon yesterday. It was not large scale and thus probably why not broadcast widely. Re-link the skill and you should be good to go.

3 Likes

I just figured it out

2 Likes

No, I don’t have those detectors. I’m the only one who has access to these cameras, the app was installed on my phone.

Select some text in an existing post and you should see a Quote button pop up:

Click that and a reply will be generated with that text quoted. While still in the compose frame, you can quote other text and quotes will be added to your reply.

2 Likes

I just realized the email that I used for Wyze Cam is only for Wyze Cam, so if there are any phishing attempts going to that email address I’ll know.
Also my wifi is monitored with a honeypot-style feature, so if there is an attempt to log in I’ll know.
All logins require admin approval.
Also please @UserCustomerGwen please look into https://sqrl.grc.com/ for a new single sign-on. This will allow SQRL to grow and be more widely used.

2 Likes

To Wyze: I would like to say I know you’ve seen many people say that they are selling the devices they have or will no longer be placing orders with you and that you have lost them as a customer. So I would like to just come at it from the other side and say I placed an order that will be delivered on Friday and I have not lost faith in Wyze and their employees. You still have some of us out there who understand that this happens and you’re doing everything you can to fix it.

Edit: typo

5 Likes

It’s understandable that Wyze wouldn’t want to make statements about unverified claims in an official email until they have completed their investigation. As I said, if true these claims would be very alarming. I simply don’t have any confidence in 12 Security’s truthfulness after their most recent articles. I’m looking forward to those specific issues you mention being addressed by Wyze or a reputable security researcher.

2 Likes

Thanks for your reply. As you said, it is all speculation, some are hoping good and others are hoping bad.

I hope Wyze will answer some of these questions.

Yes, being many years in IT and a few years in the security industry, I am more worried about their lack of security practices (yes, it is my guess and I am happy if they prove me wrong) rather than intentional/unintentional mistakes they made. They are clearly not storing the data securely, allowing dev to move customer data to non-prod, etc. Mistakes are inevitable, and it is the reason why you have to have a plan in place.

An example: why do you allow customer data to be copied into non-prod? If you don’t stop this, sooner or later data will be leaked intentionally or unintentionally. Most of the security companies will not provide read access to dev/QA for their customer data on Prod. If they really need some data to analyze production issues, it will be provided by TechOps with proper masking. Let’s see if we hear any of these things from Wyze.

1 Like

Thanks, I did re-enable the skill, sign in again and all is fine. I didn’t see where they said they were doing further Alexa token cleanup.
But see… I’ve been generally supportive of Wyze through all of this, posted that support, etc., and this is the kind of thing that’s really annoying. With all of the speculation and near universal calls from customers on this forum for Wyze to communicate quickly and accurately with its users, disabling the skill, which affected a bunch of routines and functions, without telling me they did it is a bad thing.

1 Like

Wyze, I noticed your two-factor authentication only has an option for a phone verification code. If an attacker gets a hold of a person’s phone number they can socially engineer an attack with a cell phone provider called SIM swapping! Basically your two-factor authentication is outdated and insecure already, please allow us to use Google Authenticator or some other token ASAP!! I’m going to open a separate support ticket for this so it can be tracked.

4 Likes

Hey Wyze -
My first knee-jerk reaction was: “oh crap - not again!?!” However, I know mistakes happen, and although this one is certainly an… egg on Wyze’s face, sort of thing … that said - mistakes happen.

I’ve not read most of any responses on the board, but from what I read in the email received today, Wyze has addressed the breach and is investigating. In the meantime - no serious information was compromised, correct?

What I really wanted to point out is that with most any breach nowadays - - you don’t hear about them for SEVERAL MONTHS ! C’mon everyone… we all know, as the saying goes… [censored] “crap” happens. Wyze informed its customers within DAYS. :slight_smile:

My comment comes in the form of a commendation:
I commend Wyze for being upfront and honest, and promptly providing us the information.

Thanks Wyze

10 Likes

Wyze said they are going to be reviewing their security policies and I imagine many of these things will be a part of that. Certainly a number of security “best practices” were not being followed and that ultimately led to this situation. It’s a hard lesson for any company to learn, but I’m looking forward to seeing security become more of a priority.

6 Likes

Also my Alexa-Wyze skill shows updated 17 hours ago. That would be about 8:00 PM EDT.
Not sure what the update was but mine is still enabled.


2 Likes

There is a Wishlist item you can vote on asking for app/token-based 2FA:

I imagine this will be a top priority as Wyze implements more security features.

3 Likes

I await Wyze’s response then to this and the security issues implicated in 12Security’s second article.