California family says hacked Nest camera warned of North Korea missile attack

(CBS News) -- A family in California is demanding tech companies take stronger action to protect consumers after their home security system was apparently hijacked. Laura Lyons said hackers took control of her Nest security camera, and it began blasting an emergency alert through her family's home. A voice said three missiles from North Korea were headed to the U.S. and warned them to take shelter, Lyons said.

"If we had any inkling that a data breach had occurred when we heard it coming out of that camera, we would have instantly been suspect as opposed to several minutes of, quite frankly, sheer terror," Lyons said.

The hoax sent Lyons, her husband, and their 8-year-old son into a panic, reports CBS News correspondent Anna Werner. 

"We called Nest," Lyons said. "They admitted that they had received multiple reports of Nest cameras being hacked in the last week."

In a statement to CBS News, Google, which owns Nest, said: "Nest was not breached." Instead, the company said customers, like Lyons, had been "using compromised passwords…exposed through breaches on other websites." Last week, a website that tracks compromised online logins claimed it uncovered over 790 million unique email addresses and passwords – all compiled from more than 2,000 alleged databases. 

Google said it recently reset all Nest accounts "where customers reused passwords that were previously exposed" and "is actively introducing features that will reject compromised passwords."

Wired news editor Brian Barrett said while tech companies stress greater security and convenience, users shouldn't lose sight of taking precautions of their own.

"You don't want to say anything is a 100 percent secure all the time," Barrett said, adding, "Incidents like this remind people that they need to give their devices a second thought, take a strong look if they really need them, why they need them, and if they are going to get them, how are they going to make sure they will stay protected."

Tech companies like Google, Apple, and Facebook offer a security feature called "two-factor authentication." It makes you take an extra step – such as entering a code – to prove it's really you after giving your username and password. It's something Lyons did not have turned on until this happened.

In addition to not reusing passwords and enabling two-factor authentication, Barrett also recommended a password manager. Lyons said since the incident involving her family's Nest security camera, her husband changed their passwords, turned on two-factor authentication, and turned off the device's microphone and speaker.

Share this article: