Just checked my 4 comcast addresses … that was a rude awakening. 
2 Likes
Thank you for reporting this. We are sorry to hear about the experience you’ve had with that pornographic account. I can’t say for sure whether or not it’s tied to this data leak but I definitely get why this looks like the obvious answer. I shared this information with the team and we’ll keep an eye out for similarly timed reports.
To everyone else, this is a very stressful situation. And while we understand where people are coming from, the frustration and concern that some folks are experiencing due to this data leak is fair. Please be kind.
13 Likes
I would say the purpose of this whole giant thread is to discuss the data leak, which includes possible ramifications seen by customers, and get updates from Wyze on the situation. It seems perfectly reasonable for a member such as rabbithole2020 to report this even if it’s just highly coincidental based on the timing and his only use of the email address being for IOT. Obviously it can’t be proven the porn account was from this leak, but reporting it here so others that may see the same thing can help to form a conclusion.
7 Likes
You are correct that some people might be affected more than others and we need to be kind to those that are affected more so. But I believe the kindness goes both ways and that those individuals that have made accusations and are posting extremely negative comments against the company need to follow the same example.
1 Like
FWIW, you can check user names, too - ie, "username@goober.com" may return different results than "username" by itself.
/edit 1-6
Also, passwords. Subsequent posts in this thread detail the value of this.
You can search 
the entire thread for “pwned” and get a list to explore if you want.
5 Likes
We aren’t trying to stifle negativity against the company. We made a major mistake and people are going to feel crummy because of it. We can’t hide from that and part of the purpose of this thread is to give people a platform to speak.
Don’t get me wrong, do appreciate everyone’s support. We just want to ensure that this stays a friendly area as much as it can. We have amazingly intelligent and wonderful community members but sometimes things go a bit off the rails as conversation progresses and tempers get heated. It’s even more tricky when tempers are already high.
@rabbithole2020, our moderator was doing what his general instructions are earlier. We have a guideline about keeping the forum family friendly and he is instructed to edit out content that breaks that guideline. Following his edit, he replied trying to offer assistance for the situation you are dealing with. Our moderators are volunteers from the community and are not Wyze employees like I am. Please be kind to them.
15 Likes
More or less tolerance for “hostility” “anger” “confrontation” “vigorous argument” etc, might also depend on the particular family and community culture you come from.
I have a high tolerance for all of that, it’s where I came from. My sisters, however, “came from” the same place, but have far less (very little) tolerance for it.
Talking to them at length about why that might be, I discovered they experienced it, reflexively, as physically threatening.
So, you know, maybe gender, too?? I donno, everyone do their best… 
/edit Add maybe “generational”
/edit This post makes me wish the forum had “down vote” capacity.
/edit “viscerally” works in place of “reflexively”, too
2 Likes
Any chance any of these things can be implemented? @UserCustomerGwen @WyzeTao
Can you stop collecting information that isn’t needed or doing in a secure way?
Don’t collect SSID or internal network info. If you must for function, One-way HASH the SSID and save the hash.
And can we stop using phone #s and SMS for 2fa. Use OTP more secure and much more private and no overloaded verification servers.
Can this happen? Please?
1 Like
I am bringing all requests to the team. I can’t make promises for which requests will be worked on yet but I know we’re making a list of changes we’ll be implementing.
8 Likes
DId you ever get an answer? And I don’t even need it to connect to the app.
Gwendolyn, I truly appreciate your response and the actions Wyze has taken to correct this issue. I can confirm that the moderator who edited my original post reached out to me personally and did offer assistance. I greatly appreciate the ability to share my experience on the forum and vent my frustrations towards the less supportive individuals.
1 Like
I get that they’re entitled to their opinion and their feelings. But I feel that some of them have overstepped the guidelines laid out and should have to follow the same rules as those of us that are supporting the company
2 Likes
That is a good question. I don’t know the answer, but it’s possible they might not have your credit card info at all. A lot of times, sensitive financial info is kept with the payment processors. Worth asking, though.
2 Likes
I agree. But please allow the moderators and admins to address these issues. As demonstrated here, community members stepping in often makes it more challenging to get things sorted out. If you are concerned that someone is breaking community guidelines, please flag it so we see it more quickly.
To answer the question in discussion, Wyze doesn’t save payment information. This is why you pay when purchasing a product instead of when it ships. The payments for CMC happen through another company.
11 Likes
Good to know, thanks.
2 Likes
I am not convinced this site is reliable, I entered a number of real and fake email address and every one came back saying they been pwned…
The bigger question is now that I entered some of my real email addresses, they have them, so what will do with them? Hopefully nothing but where does it end…
I have some emails that have not been pwned according to that website. But yea, I agree, you kindof trusting them that they are not storing your emails that haven’t been pwned, or were they just gather emails to begin with. Haha.
I wonder what fake emails you used. Possibly been in those breached databases.
1 Like
I hear ya. I search-engined them, read their wikipedia entry and their on-site FAQs before providing anything. Looked OK to me, so took a quickly-calculated risk…
Thanks
What kind of fake email addresses were you testing? The kind a lot of people would enter as a fake email address if they want to avoid stuff going to their real emails? example@example.com? If so, you’d probably get a hit in most databases.
If you enter something fake that’s truly random, I doubt you’d get a hit. LrtZKx7YqQwgHqFj@ch5bWUs3p4eY6f4t.com, for example.
2 Likes