~2.7 Billion records exposed

A security analyst found an unsecured database (no password required) containing ~2.7 Billion records belonging to Mars Hydro, a mainland China company that offers IoT lights, and software to control devices, timers, and settings remotely.

The data affects LG-LED Solutions, Spider Farmer, and Mars Hydro/Mars Pro. Folders in the database have logging, monitoring, and error records for IoT (Internet of Things) devices sold worldwide. 

A sampling of documents showed folders with >100 million records containing SSID (service set identifier) (your Wi-Fi network name). Wi-Fi network passwords, IP addresses, device ID numbers, and more.

There are also details about connected IoT devices and references to the control device (smartphone) running their IoT app, including its operating systems (e.g., iOS, Android).

Currently no indication of the purpose of the database, or if the owners or anyone else has compromised the info for whatever use.

Read full report here.

If you own any devices that were manufactured by Mars Pro, possibly including items sold by LG-LED, and/or use the Mars Pro app, consider getting rid of them.  Even if you change your SSID and WiFi password, that doesn't guarantee the new info won't be abused...