The manufacturer of Smart Homes Devices Exhibits 2.7 Billion of Records in Huge Data Violence
Data violations are constantly happening and too often comes down to companies that failed to understand Cyber -Safe serious. Some of the biggest violations are caused by negligence, and now there is another main one to add to the list. Mars Hydro, a Chinese company that produces Internet of Things (IoT) devices such as LED light and hydroponic equipment, has left a huge database unprotected online. As a result, 2.7 billion records were exposed to anyone who knew where to look at.
IoT illustration (Kurt “Cyberguy” Knutsson)
What happened?
Mars Hydro, a Chinese IoT manufacturer, has suffered a huge violation of data after a publicly available, unprotected database containing nearly 2.7 billion records has been discovered on the network. Data database 1.17-therpm is not protected or encrypted with a password, revealing a huge amount of sensitive data related to the smart devices of the company, including LEDs for cultivation and hydroponic equipment.
The database contained records of writing, surveillance and errors for IoT devices sold around the world. Among the exposed data were the names of the Wi-Fi Network (SSIDS), Wi-Fi passwords, IP addresses, devices ID numbers and other details associated with user devices and Mars Pro IoT software app. In addition, internal records sent to LG-LG Solutions Limited, a company registered in California, as well as Spider Farmer, which produces agricultural equipment.
Security researcher Jeremiah Fowler He identified the database and immediately sent a responsible notice of posting to LG and Mars Hydro solutions. A few hours a public approach of database was limited.
It remains unclear how long the database is publicly available or whether unauthorized parties have accessed data before its limit. The only way to confirm the potential approach or abuse would be through an internal forensic audit, but such an investigation was not published publicly.
Illustration of the use of an application to access smart home devices (Kurt “Cyberguy” Knutsson)
Hidden Costs of Free Apps: Your Personal Data
Do you need to worry?
The unprotected database contained very sensitive user and devices information, including SSIDs and passwords stored in a regular text, which could allow unauthorized users to access home networks. Although the researcher did not indicate that any personal information, the presence of network credentials, IP addresses, numbers of devices and smartphones that triggered IOOT software causes serious security problems.
Exposed credentials could theoretically allow the attacker to connect to the network, compromise other devices, intercept the data, or even trigger the target Cyber -Napade. This risk is particularly worrying, given the wider vulnerability within the IoT industry.
According to the threat report, Alto Networks Fallen, 57% of IoT devices in all industries are considered to be very vulnerable and alarming 98% of the data transmitted by these devices is not echipharized. The report has further found that 83% of connected devices affect outdated or inconsistent operating systems, leaving them sensitive to attacks that exploit famous vulnerability.
This incident emphasizes a repetitive problem in the IoT sector: poor security practices, poor data protection and the absence of encryption. Without proactive security measures, such violations are likely to continue, exposing users to risks that extend beyond their IoT devices, potentially threatening the entire houses or business networks.
IoT illustration (Kurt “Cyberguy” Knutsson)
From Tictoka to Problem: How your Internet data can be armed against you
5 ways you can protect yourself
If you own Mars Hydro device or use the Mars Pro app, take the following steps to protect your information and provide a network:
1) Change your Wi-Fi password: Because the names and passwords of the Wi-Fi network are stored in a regular text, the first step is to update the router password immediately. Even if you believe that your credentials are not directly exposed, it is best to assume differently. A strong password should be complex, combining the upper and lowercase letters, numbers and special characters. Avoid using simple or easily guessing passwords, such as your name, address or basic numerical sequences.
2) Enable a dual -factor authentication (2FA): If your router supports authentication with a two -factorEnables an additional safety layer. This ensures that, even if someone gets access to your login credentials, a secondary authentication check will continue to need – which is usually sent through a text message or authentication application – to apply. This significantly reduces the risk of unauthorized approach.
3) Follow your network for unusual activity: In addition to the exposed credentials of Wi-Fi and IP addresses, the attackers could try to access your net distance. An important safety measure is to check the administrator panel of your router to review the connected devices. If you notice an unknown device, remove it immediately and change your Wi-Fi password again.
4) Notify your devices: IoT devices are notorious by running out of outdated or unintended software, making them vulnerable to Cyber -Napade. Regularly Firmware and software update Your smart devices ensure that you receive the latest security patches. Check the device settings for available updates and install them as soon as they are published. If you update the router firmver, it is equally important because routers are the primary goal of the hacker.
5) Watch out for identity stealing attempts and use a strong antiviral software: Hackers can try to use data from this violation by launching a phishing attack. If you receive an email that claims to be from the solution of Mars Hydro or LG, inviting you to reset the password or provide personal information, be careful. Cyber -Criminals often create false pages for reporting intended for the theft of credentials. Do not click on suspicious links or download attachments from unknown sender.
The best way to protect yourself from malicious bonds is to install antivirus software on all your devices. This protection can also alert you of phishing e -Mail and fraud from Ransomware, keeping your personal information and digital assets. Get my elections for the best winners to protect against antivirus 2025 for your Windows, Mac, Android and iOS devices.
A massive security flaw puts the most popular browsers on Mac
Kurt’s key step
A violation of Mars hydroelectric power plants is another reminder of the safety risks coming from IoT devices. Companies need to do better user data protection, but at the end of the day it is up to you to provide your own network. Passwords update, allowing a dual -factor authentication and watch your connected devices can make a big difference in keeping your data and a smart house.
Do you think governments should regulate the safety of IoT or should they leave them to companies? Let us know by writing us on Cyberguy.com/contact.
For more of my technological tips and security warnings, subscribe to my free newsletter about Cyberguy Report, moving toward Cyberguy.com/newslettter.
Ask the Kurt question or let us know which stories would you like to cover.
Follow Kurt on his social channels:
Answer to the most demanding questions about Cyberguy:
New from Kurt:
Copyright 2025 Cyberguy.com. All rights reserved.
