Data breaches continue to take place, and too often they come down to companies that do not take cyber security seriously. Some of the biggest infringements have been caused by negligence, and now there is still an important one to add to the list. Mars Hydro, a Chinese company that makes Internet of Things (IoT) devices such as LED lights and hydro -cultuur equipment, left a huge database online. As a result, 2.7 billion records were exposed to everyone who managed to look where.
Illustration of IoT devices (Kurt “Cyberguy” Knutsson)
What happened?
Mars Hydro, a Chinese manufacturer of IoT devices, suffered a huge data breach after a publicly accessible, unprotected database with nearly 2.7 billion records was discovered online. The 1.17-terabyte database was not protected or coded with a password, which exposed an enormous amount of sensitive information regarding the smart devices of the company, including LED breeding lights and hydropulture equipment.
The database contains logic registration, monitoring and fout records for IoT devices that are sold worldwide. Under the exposed data, Wi-Fi network names (SSIDs), Wi-Fi passwords, IP addresses, device ID numbers and other details were linked to user devices and the Mars Pro IOT software application. Plus, internal records referred to LG-guided Solutions Limited, a company registered in California, as well as Spider Farmer, which produces agricultural equipment.
Security researcher Jeremiah Fowler Identify the database and immediately sent a responsible disclosure notification to LG-guided solutions and Mars Hydro. Access to the public to the database was limited within a few hours.
It remains unclear how long the database public was accessible or that unauthorized parties had the data before the restriction. The only way to confirm potential access or abuse would be through an internal forensic audit, but such a research was not publicly announced.
Illustration of using an app to gain access to Smart Home devices (Kurt “Cyberguy” Knutsson)
The hidden costs of free apps: your personal information
Do you have to worry?
The unprotected database contained very sensitive user and device information, including SSIDs and passwords stored in normal text, with which unauthorized users have access to home networks. Although the researcher has not indicated that personally identifiable information was exposed, the presence of network references, IP addresses, device -ID -numbers and data on smartphones with the IoT software shouts serious security problems.
The exposed references can theoretically enable an attacker to connect to the network, compromise other devices, to intercept data or start even targeted cyber attacks. This risk is particularly disturbing, given the broader vulnerabilities within the IoT industry.
According to a threat report from Palo Alto Networks, 57% of the IoT devices in all industries are considered very vulnerable and an alarming 98% of the data sent by these devices is not coded. The report also showed that 83% of the connected devices operate on outdated or non -supported operating systems, making them susceptible to attacks that exploit known vulnerabilities.
This incident underlines a recurring problem in the IoT sector: poor security practices, weak data protection and the absence of coding. Without proactive security measures, such infringements will probably continue, so that users will be exposed to risks that go beyond their IoT devices, so that the entire home or company networks may be jeopardized.
Illustration of an IoT device (Kurt “Cyberguy” Knutsson)
From Tiktok to Problems: how your online data can be armed against you
5 ways you can protect yourself
If you have a Mars Hydro device or use the Mars Pro app, take the following steps to protect your data and secure your network:
1) Change your Wi-Fi password: Since Wi-Fi network names and passwords are stored in normal text, the first step is to immediately update your router password. Even if you think your references are not immediately exposed, it is best to take on differently. A strong password must be complex, combining top and small letters, numbers and special characters. Avoid using simple or easily guyable passwords, such as your name, address or basic numeric sequences.
2) Switch on two-factor authentication (2FA): If your router supports two -factor authenticationSwitching it off adds an additional layer of security. This ensures that even if someone gets access to your login details, he would still need a secondary authentication code – usually sent via SMS or an authentication app – to log in. This significantly reduces the risk of unauthorized access.
3) Monitor your network for unusual activity: With Wi-Fi references and IP addresses, attacks can try to access your network remotely. Regularly checking the admin panel of your router to assess connected devices is an important security measure. If you notice an unknown device, delete it immediately and change your Wi-Fi password again.
4) Keep your devices updated: IoT devices are notorious for performing outdated or non -supported software, making them vulnerable to cyber attacks. Regularly Updating the firmware and software From your smart devices ensure that you receive the latest security patches. Check your device settings for available updates and install them as soon as they are released. The firmware of your router updated is just as important, because routers are a primary target for hackers.
5) Be careful for phishing attempts and use strong antivirus software: Hackers can try to exploit the data from this infringement by launching phishing attacks. If you receive an e-mail that claims to come from Mars Hydro or LG-guided solutions that encourage you to reset your password or provide personal information, be careful. Cyber ​​criminals often make fake login pages that are designed to steal references. Do not click on suspicious links or download attachments from unknown senders.
The best way to protect yourself against malignant links is to have antivirus software installed on all your devices. This protection can also warn you about phishing -e -mails and ransomware -scam, so that your personal information and digital assets are kept securely. Buy my choices for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.
Solid security error brings the most popular browsers to MAC
Kurt’s most important collection meal
The Mars Hydro Breach is another memory of the security risks that are accompanied by IoT devices. Companies must do better work to protect user data, but ultimately it is up to you to secure your own network. Updating passwords, switching on two-factor authentication and monitoring your connected devices can make a big difference to keep your data safe and your Smart Home secured.
Do you think that governments must regulate IoT security stricter, or should it be left to the companies? Let us know by writing us Cyberguy.com/contact.
For more of my technical tips and security warnings, subscribe to my free Cyberguy report newsletter by going to Cyberguy.com/newsletter.
Ask Kurt a question or let us know what stories you want.
Follow Kurt on his social channels:
Answers to the most stretched Cyberguy questions:
New from Kurt:
Copyright 2025 cyberguy.com. All rights reserved.
