Plume, Smart WiFi Provider, Faces Major Data Breach
Smart WiFi service provider Plume has reportedly fallen victim to a significant data breach, as announced by hackers on the notorious Breach Forums. Although Plume has not officially confirmed the breach, the company is aware of the claims made by the attackers and has initiated an investigation to verify the situation.
Plume, based in Palo Alto, California, operates as a Software-as-a-Service (SaaS) platform, offering users AI security, smart WiFi, and cloud management services. With a presence in over 45 countries and covering 55 million homes and small businesses, the scale of the potential breach is concerning.
According to the hackers, who have claimed responsibility for the breach, they have successfully stolen over 20GB of Plume’s WiFi database, containing more than 15 million lines of information. The attackers have expressed dissatisfaction with Plume’s response, prompting them to release two CSV files containing purported data of both customers and employees.
The first file, related to alleged customers, includes email addresses, full names, countries, device details, and other information about approximately 26,000 individuals. The second file, reportedly containing data on Plume’s employees, consists of 3,086 email addresses and full names, predominantly associated with the @plume.com and @plumewifi.com domains.
Notably, the leaked data does not include passwords, providing a glimmer of relief. However, cybersecurity experts emphasize the potential risks associated with leaked personal information. Darren James, Senior Product Manager at Specops Software – An Outpost24 Company, advises affected individuals to change their passwords across all platforms using the same username.
The hackers, going by the Twitter handle @MonkeyInject, have taken an unusual step by openly disclosing details of the attack on the platform. According to their tweets, the breach was facilitated by a former Plume employee who left the company in 2023 but retained access rights. This revelation sheds light on potential security lapses within Plume’s access management protocols.
@MonkeyInject has given Plume a 48-hour ultimatum to comply with their demands, emphasizing the need for improved access control policies to prevent similar incidents in the future. Plume users and the cybersecurity community are urged to stay vigilant, and affected individuals should take immediate action to secure their accounts and sensitive information.