A horror story of reusing passwords, a warning to us all

A horror story of reusing passwords, a warning to us all

Friday, 15 February, 2019

It is the mantra of our 21st century cyber world, don’t reuse your passwords. It’s dangerous and can be extremely costly. But do we heed the warnings? Well the experience of users of Google’s smart home outfit Nest should be a stark warning to us all.

Recently Nest has urged its customers to stop reusing their passwords they use between their smart home gadgets and other websites and services. The warning comes after bad guys were found using leaked or stolen usernames and passwords to log into Nest accounts and take control of the home gadgets. A form of attack known as ‘credential stuffing.’

Take the story of Arjun Sud. Arjun, from Illinois, USA found to his horror that hackers had got into his family’s account. They used it to change the temperature of his home. And at one point they heard a male voice talking to their child through the baby monitor. And then the voice began shouting obscenities in the living room.

Arjun found his details had been obtained from the dark web and was a victim of speculative hacking after usernames and passwords had been dumped online from other unrelated security breaches.

Or how about the California family who awoke one day to a warning blaring out of their Nest camera, claiming to come from Civil Defence. The warning claimed three ballistic missiles were heading their way and that President Trump had taken to his bunker.

It is expected that by 2021 there will be upwards of 25 billion connected devices in use, but we have no clear idea how many are regularly hacked. And experts believe this is a problem that will only get worse.

Next said it actively seeks out passwords online, and, they said, ‘when compromised accounts are found, we alert you and temporarily disable access. We also prevent the use of passwords that appear on known compromised lists.’

With a smart home involving security cameras, smoke alarms, thermostats, even the front door the possibilities for mischief are extremely high and extremely damaging. And although cybersecurity is rapidly catching up with the Internet of Things and smart home products, they still remain vulnerable to attacks. Nest is one of the few that applies protection measures embedded into its products.

But, in the end, it doesn’t matter how many defence mechanisms are put in place, if the user remains lax in their own security then they and their products will continue to be at risk.

Nest provides, like so many others, tips for better account security. Always use its two-factor authentication, choose a strong password that you only use for Nest. Never share your account login, but if you have to only use the company’s shared access service to allow others on your account.

Finally, always keep your router software up-to-date and be on the look out for phishing emails and suspicious activities.

Image: Santeri Vinamaki

TG Bamford author picture


A veteran freelance journalist writing extensively on internet news and cybersecurity.

News What's the story?

Keep up with the latest developments in UK broadband.

UK 5G network goes live – are you up to speed?

Here's everything you need to know about the new mobile broadband network.

UK 5G network goes live – are you up to speed? Read more

TalkTalk offers exclusive £80 reward to new fibre customers

The huge bonus is available to anyone signing up for a 'Faster Fibre' bundle through BroadbandDeals.co.uk

Read more

TikTok ‘gifts’ empty kids piggy banks

Children are most vulnerable to 'influencer' donation pleas

Read more

Netflix ruins 90’s cartoon, enrages internet

The streaming giant came in for criticism for 'straightwashing' Japanese cult classic anime.

Read more

Porn-block pushed back by clerical errors

Further delays to the child-protection measure, with the process mocked as an 'utter shambles'.

Read more

How to watch Wimbledon online for free

How to make sure you don't miss out on the action from your favourite sports stars.

How to watch Wimbledon online for free Read more

Fast fines for ISPs could end the “Loyalty Penalty”

But could the proposed measures mean worse deals for those who shop around?

Read more

Boris Johnson mocks full-fibre roll-out plans

The likely next PM boasts plans to beat current targets by 8 years, but is it all just hot air?

Read more

Broadband and phone companies to put Fairness first

Telecoms providers commit to raising standards.

Read more

UK to get legal right to decent and affordable broadband

New legislation will ensure minimum speeds for every UK household.

Read more

GDPR – One year on

The landmark legislation gave people the ‘right to know’ when their data had been hacked.

Read more

Help Learn with us

Make the most of the internet with our broadband library.

Why Ofcom’s USO is more than pie in the sky

Why Ofcom’s USO is more than pie in the sky Read more

Protecting your small business against cyber attacks

Read more

Could 5G end fixed-line home broadband?

Read more

How broadband availability varies across the UK

Read more

Which social media platforms should I be on?

Read more

Will you get online on holiday?

Stay connected during your get-away.

Read more

Make the most of your broadband overnight

Make the most of your broadband overnight Read more

The main causes of slow internet connections

Slow broadband can be more than just an irritant - but what causes it, and what can we do to fight back?

Read more

Do you need to ramp up your broadband controls?

Read more

The different types of home computer

Read more

Will we all need gigabit broadband one day?

Read more
Back To Top