Stop Blaming Your Employee, Wyze

By: John Honovich, Published on Dec 30, 2019

Wyze management is at fault for its massive data leak, not its 'employee', as it has centered the blame on.

While blaming an employee is clever marketing, it obscures the real issue here - that Wyze failed fundamentally at providing cybersecurity controls for the millions of users of its service.

Wyze started this in their response to the leak, clearly calling out the employee who made the "mistake":

That narrative continued, culminating in the NY Times leading with the "employee's mistake":

Clever Marketing

On the plus side, this is clever marketing. By leading with an individual employee mistake, they can garner sympathy. Everyone has made a mistake. Forgive and forget, etc.

Blame Wyze Management

Get Notified of Video Surveillance Breaking News
Get Notified of Video Surveillance Breaking News

The reality is that Wyze management has to be held responsible. And not simply in a generic 'the buck stops here' way.

Even accepting Wyze's explanation of what happened, the following series of serious errors occurred beyond 'the employee':

  • Wyze decided to mass copy and paste customer data. The reason claimed was to "measure basic business metrics like device activations, failed connection rates". Why did they need to include customer email addresses, WiFi SSIDs, heights of customers, etc. to accomplish that? Was that the fault of the same 'employee'?
  • When the 'employee' 'removed' the "security protocols for this data", why did no other employee or manager at Wyze check this? Can employees simply unilaterally remove security protocols or copy and paste customer data? Beyond that, why was there no automated way to be alerted for this immediately?
  • How did this mistake remain unfixed for weeks? How did no one at Wyze notice it was publicly listed online? How long would the mistake have been unresolved if Twelve Security did not publicly report it? Are there no other 'employees' at Wyze that monitor for these things?

Wyze is an excellent marketing and customer support organization - full stop.

But they are a poor engineering organization that rests heavily on other companies like their PRC China manufacturer Tianjin Hualai Technology.

Likewise, for their AI video analytics, they depended on XNOR.ai, with that partner abruptly canceling on them last month.

For a company that is literally named 'Wyze Labs', the reality is that their technical capabilities are insufficient for the massive customer scale they have now reached.

Sample Responses

We are not the only ones who see a problem in blaming an 'employee', for example:

And:

And:

And:

Move Fast And Leak Customer Data

Not only is a Wyze' 'employee' at fault but Wyze emphasized their 'extremely fast growth'.

While some may say that the era of 'move fast and break things' is over, evidently not for Wyze.

Wyze has grown extremely fast. Their unmatched combination of super low-cost China technology and American e-marketing has made them a major security provider.

Now, the company's management needs to accept the responsibility that comes with their size.

Comments (24) : PRO Members only. Login. or Join.

Related Reports

Securadyne CEO: IPVM 'Entertaining For An Ignorant Few' on Apr 16, 2019
Securadyne's CEO Carey Boethel is unhappy with IPVM's report - Failed Integrator Rollup, Securadyne Sells to Guard Giant Allied. Indeed, he...
Closed Cloud Cameras Trashed on May 13, 2019
When you buy a camera, do you own it? Not anymore. In the world of closed cloud cameras, you may think you are buying a camera but all you are...
Security Dealer 'Social Media Contractor' Program on Jun 25, 2019
A $20,000 video surveillance system can be yours for free if you are willing to post on social media about the security dealer. Good deal, bad...
TMA Apologizes to Amazon / Ring on Aug 23, 2019
Not only is Amazon / Ring making major incursions into the residential security market, the organization representing the biggest incumbents, The...
3 Weeks Later, Honeywell Still Cannot Say Whether They Are Vulnerable To Dahua Wiretapping [Now Admits] on Aug 27, 2019
The Dahua wiretapping vulnerability and Dahua's decision to delay disclosing it until IPVM inquired underscored problems with cybersecurity and...
Wyze Fires Back at JCI - Your Patents Are Invalid, Pay All Of Our Costs on Nov 18, 2019
Goliath JCI targeted startup Wyze this summer alleging the fast-growing consumer startup was violating a slew of JCI's patents. Now, Wyze has...
XNOR.ai Terminates Wyze on Nov 27, 2019
Wyze has shocked the industry again - this time with a major setback. Just months ago, Wyze triumphantly added AI analytics to their ~$20 cameras,...
"Good Market, Bad Business Models" - Residential Security on Dec 11, 2019
Industry banker John Mack, at his company's annual event, took aim squarely at the problems in the residential security...
ADT CEO Not Worried About DIY: "2 Discrete Markets" on Dec 13, 2019
ADT's CEO is not worried about DIY, characterizing DIY and ADT's DIFY as "2 discrete markets" at the Imperial Capital Security Investor's...
Wyze Massive Data Leak on Dec 26, 2019
Wyze has exposed millions of user's data, as reported by Twelve Security, and confirmed by IPVM, who has spoken with Twelve Security and reviewed...

Most Recent Industry Reports

'Severe Impact' Mercury Security 2020 Leap Year Firmware Issue on Jan 17, 2020
One of the largest access controller manufacturers has a big problem: February 29th. Mercury Security, owned by HID, is alerting partners of the...
Apple Acquires XNOR.ai, Loss For The Industry on Jan 16, 2020
Apple has acquired XNOR.ai for $200 million, reports GeekWire. This is a loss for the video surveillance industry. XNOR.ai stunned the industry...
Installation Course January 2020 - Last Chance on Jan 16, 2020
Thursday, January 16th is your last chance to register for the Winter 2020 Video Surveillance Installation Course. This is a unique installation...
Halo Smart Vape Detector Tested on Jan 16, 2020
The Halo Smart Sensor claims to detect vaping, including popular brand Juul and even THC vapes. But how well does it work in real world...
PRC Government Entity Now Controlling Shareholder of Infinova / March Networks on Jan 16, 2020
A PRC government entity is now the controlling shareholder of US security manufacturer Infinova as well as its wholly-owned subsidiary March...
Network Cabling for Video Surveillance on Jan 15, 2020
In this guide, we explain the fundamentals of network cabling for video surveillance networks, how they should be installed, and the differences in...
ONVIF Trashed Statement, Confirms Dahua and Hikvision Still Suspended on Jan 15, 2020
ONVIF has 'trashed' the suspension statement for Dahua, Hikvision, Huawei, etc. but confirms to IPVM that those companies are all still...
Wyze Smart Door Lock Test on Jan 14, 2020
Wyze's inexpensive cameras have grabbed the attention of many in the consumer market, but can the company's new smart lock get similar...
Wesco Wins Anixter on Jan 13, 2020
Despite Anixter earlier arguing that Wesco's bid was inferior to CD&R's by nearly 10%, Anixter confirmed that they are taking Wesco's 3.1%...
Anixter Resisting Takeover From Competitor, Bidding War Emerges, Wesco Wins on Jan 13, 2020
Mega distributor Anixter is going to be acquired but by whom? Initially, Anixter planned to go private, being bought by a private equity firm....