Hackers Hijack Nest Security Camera, Issue False Missile Attack Warning

The problem is more about compromised and reused passwords than Nest's security, specifically.

• By Jessica Davis
• Jan 28, 2019

A California family was deeply alarmed last weekend when hackers took control of their Nest security camera and began blasting a false emergency alert through their home.

Laura Lyons told CBS News that a voice from their Nest security camera said three North Korean missiles were headed to the United States and warned her family to take shelter.

"If we had any inkling that a data breach had occurred when we heard it coming out of that camera, we would have instantly been suspect as opposed to several minutes of, quite frankly, sheer terror," Lyons said.

Lyons, her husband and their son were panicked, she said. When they called Nest, "They admitted that they had received multiple reports of Nest cameras being hacked in the last week," Lyons said.

The problem is more about compromised and reused passwords than Nest's security, specifically.

Google, which owns Nest, told CBS News that “Nest was not breached.” Instead, Google said, customers like Lyons had been "using compromised passwords…exposed through breaches on other websites."

Google said it recently reset all Nest accounts "where customers reused passwords that were previously exposed".

“We take security in the home extremely seriously, and we’re actively introducing features that will reject comprised passwords, allow customers to monitor access to their accounts and track external entities that abuse credentials,” a Nest spokesperson said.

Lyons said that following the incident, her husband has changed their passwords, turned on two-factor authentication and turned off the Nest camera’s microphone and speaker.