Millions of Meari Baby Monitors and Security Cameras Found Vulnerable to Hacking

If your baby monitor looks something like this, it’s probably a Meari.

A baby’s eyes peer directly into the camera lens. A child in a striped shirt looks up, then away. A boy in a policeman’s costume, a gold star on his chest. A messy bedroom—with an unmade bunk bed, a little girl’s hat and headband, and Hello Kitty plastered on the wall—reminds me of my own daughters.

One thought repeats in my mind: I shouldn’t be seeing this. No stranger should.

But bad actors could’ve easily spied on these locations—and a million more—because many of Meari Technology’s Wi-Fi baby monitors and security cameras were absurdly insecure.

How Hackers Exploited the Vulnerability

If you had access to one of those cameras, you theoretically had access to thousands of others. Security researchers uncovered a critical flaw that allowed unauthorized users to view live feeds without any authentication. The issue stemmed from poorly secured network protocols and default credentials left unchanged by users.

The exposed devices included both baby monitors and security cameras, totaling over 1 million units worldwide. The vulnerability was not limited to a single model but affected multiple product lines from Meari Technology.

Why This Matters for IoT Security

This incident underscores the persistent risks associated with Internet of Things (IoT) devices. Many manufacturers prioritize convenience over security, leaving consumers exposed to potential breaches. Unlike traditional computers or smartphones, IoT devices often lack regular security updates, making them prime targets for hackers.

Experts warn that unsecured cameras can be exploited for surveillance, blackmail, or even as entry points into home networks. The Meari case is not an isolated incident; similar vulnerabilities have been discovered in other popular brands, including Foscam, D-Link, and Wyze.

What Meari and Users Can Do

In response to the findings, Meari Technology has disabled remote access for affected devices and is urging users to update their firmware. The company stated:

“We take the security of our users extremely seriously. We have implemented immediate measures to mitigate risks and are working closely with cybersecurity experts to enhance our protocols.”

For users, experts recommend the following steps to secure IoT devices:

• Change default usernames and passwords immediately.
• Enable two-factor authentication if available.
• Regularly check for and install firmware updates.
• Isolate IoT devices on a separate network from primary devices.
• Avoid using public Wi-Fi for camera feeds.

Broader Implications for Smart Home Security

The Meari vulnerability serves as a stark reminder of the importance of IoT security. As smart home devices become more ubiquitous, the potential for misuse grows. Regulatory bodies and industry groups are increasingly calling for stricter standards to protect consumers.

Until then, users must remain vigilant, ensuring their devices are properly secured to prevent unauthorized access.