Safety and Security

Researchers Find Over 2 Billion Records Exposed In Orvibo Data Breach


In a reported leak of billions of user records in a smart home data breach, researchers have found that a database that belongs to Chinese firm Orvibo has been left open without a password for protection. The database is said to encompass over 2 billion logs that include a range of information from account reset codes to user passwords, Forbes reported.

Orvibo, which runs a management platform for the internet of things (IoT) and is based in Shenzhen, reportedly says it has over a million users ranging from private individuals who have smart home systems to hotels along with other customers in the business space. The company is said to make 100 different smart automation or smart home devices. Other information reportedly involved in the breach includes scheduling information and precise geolocation.

The reset codes, however, were found to be of particular concern. According to a report from vpnMentor, “These would be sent to a user to reset either their password or their email address.” It also notes that “with that information readily accessible, a hacker could lock a user out of their account without needing their password. Changing both a password and an email address could make the action irreversible.”

In separate smart home device news, research that surfaced in a report last year noted that the global demand for smart home devices will exceed sales of smartphones by 2023. The research found that shoppers worldwide bought 663 million smart home devices in 2017 and that number is said to rise in 2023 to 1.94 billion.

The report noted, “Consumer spending on smart home related hardware, services and installation fees will reach nearly $96 billion in 2018 and grow at a 10 percent CAGR to $155 billion by 2023,” It continued, “Spending on devices will account for $53 billion in 2018 or 55 percent of the total and grow at an 8 percent CAGR to $78 billion in 2023, or 51 percent of total spending.”



Digital transformation has been forcefully accelerated, but how does that agility translate into the fight against COVID-era attacks and sophisticated identity threats? As millions embrace online everything, preserving digital trust now falls mostly on banks and FIs. Now, advances in identity data and using different weights on the payment mix afford new opportunities to arm organizations and their customers against cyberthreats. From the latest in machine learning for fraud and risk, to corporate treasury teams working in new ways with new datasets, learn from experts how digital identity, together with advances like real-time payments, combine to engender trust and enrich relationships.