A Northern California resident was pranked by a hacker who manipulated her Nest camera into sending warnings that ballistic missiles were launched from North Korea and headed to the United States, the East Bay Times reported.
Laura Lyons, who was cooking at home on Jan. 20, said she heard a loud alarm coming out from the living room followed by a man’s voice.
“North Korea had launched 3 intercontinental ballistic missiles toward the United States, and the United States had launched a counter-attack and recommended everyone take shelter,” Lyons recalled the message saying.
The voice also told Lyons that the missiles were aimed at Los Angeles, Chicago and Ohio, where people were told to evacuate within three hours.
You’re hacked. It happened to me too. Change your password and set up 2 factor authentication immediately. Nest customer support will blame you for using a repeated password.
— 💧 (@thomasdmay) January 17, 2019
“It sounded completely legit, and it was loud and got our attention right off the bat. … It was five minutes of sheer terror and another 30 minutes trying to figure out what was going on,” Lyons told the East Bay Times.
While terrified by the message, Lyons and her husband found out that the voice actually came from their Nest camera that was placed on the television.
“My first thought was which car are we going to get into now because the Bay Area would be such an obvious target,” Lyons said. “I was thinking we can stop at our friends in Napa. I was disappointed I didn’t have much cash on me. I was going right down the rabbit hole.”
However, Lyons could find no media coverage about the warning. She then called 911, and the operator said there had been no other calls, so she realized that the message she received was likely false. In the end, she figured out that the whole thing was a hoax and she was a victim of a third-party hack after communicating with Nest’s customer service.
“They have a responsibility to let customers know if that is happening,” she said. “I want to let other people know this can happen to them.”
In fact, Lyons is not the only one who experienced such a bizarre situation recently. Several Twitter users tweeted about similar problems that happened to their smart home devices.
This is certainly unfortunate, and we’re sorry to hear this happened. We've carefully examined our systems and there's been no systems breach on our end. We recommend updating your password and enabling 2-step verification if you haven't already.
— Nest (@nest) January 21, 2019
One user named Jesse complained to Nest’s official Twitter account on Jan. 21 that “someone was talking” through her camera, which she suspected was hacked.
“This is certainly unfortunate, and we’re sorry to hear this happened. We’ve carefully examined our systems and there’s been no systems breach on our end. We recommend updating your password and enabling 2-step verification if you haven’t already,” Nest replied.
We're disappointed to hear this, and we'd like to further assist you with your Nest account. Could you please send us a direct message so that we can discuss this issue in depth?
— Nest (@nest) January 22, 2019
Another Twitter user named Hi Im Aaron said the 2-step verification didn’t help much in his case.
“Just had someone hack into my camera and shout out the ‘N’ word at me and scream in my living room. Two step verification and new password was set up this morning. This was the second time.. Can’t trust your products as much as I’d like too,” the user said.
Can you send us a DM with more information about what happened there?
— Nest (@nest) January 23, 2019
“These recent reports are based on customers using compromised passwords (exposed through breaches on other websites),” according to a statement sent from Google, who owns Nest, to the East Bay Times.
“In nearly all cases, two-factor verification eliminates this type of the security risk,” the company said in an email statement. “We take security in the home extremely seriously, and we’re actively introducing features that will reject comprised passwords, allow customers to monitor access to their accounts and track external entities that abuse credentials.”
In another YouTube video, an Arizona resident had an informative conversation with a hacker from Canada through a hacked Nest camera. Fortunately, the hacker didn’t do anything harmful but to send the Nest user a wakeup call that his password was not secure.