A leading security camera-maker has sent footage from inside a family’s home to the wrong person’s app. Swann Security has blamed a factory error for the data breach which was brought to its attention by the BBC and said it was a “one-off” incident. However, last month another customer reported a similar problem saying his version of the same app had received footage from a pub’s CCTV system. Swann said it was attempting to recover the kit involved in this second case. In the meantime, it said it had notified the UK’s data privacy watchdog of both cases. “Swann Communications (Europe) have made us aware of this incident and we will be making inquiries,” the Information Commissioner’s Office said in a statement of its own.
“If anyone has concerns about how their data has been handled, they can report these concerns to us.” Swann is owned by the Infinova Group, a US-based security camera specialist with offices across the globe. The BBC first learned of the problem on Saturday, when a member of its staff began receiving motion-triggered video clips from an unknown family’s kitchen. Until that point, Louisa Lewis had only received footage from her own Swann security camera, which she had been using since December.The development coincided with Ms Lewis’s camera running out of battery power and requiring a recharge. “I was out and I had a couple of alerts,” she recalled.
“Naturally, I looked at my phone only to see the video was not of my home. “At first I ignored it I thought it must be an error then I had several other alerts, at which point I thought I had better get in touch with Swann.” The clips, which had automatically downloaded to her handset, featured a man and woman passing close to the camera. A child’s voice could also be heard in the background. A Swann customer representative told Ms Lewis that nothing could be done until after the weekend. And it was only after the matter was flagged to the firm’s PR agency on Monday that she stopped receiving video clips. Following an internal investigation, a Swann spokeswoman later provided an explanation.
She said that “human error” had caused two cameras to be manufactured that shared the same “bank-grade security key – which secures all communications with its owner”. “This occurred after the [family] connected the duplicate camera to their network and ignored the warning prompt that notified: ‘Camera is already paired to an account’ and left the camera running,” she added. “We are regretful that this was not addressed immediately and adequately by our support team, when discovered. We have addressed this and made some internal changes.” The spokeswoman said that Swann had been unable to identify or contact the family involved. “We can confirm that no further data was breached or accessed by additional third parties,” she added.