“We’re aware of the issue and are in contact with Xiaomi to work on a fix,” Google said in a statement on Friday. “In the meantime, we’re disabling Xiaomi integrations on our devices.”
The move comes two days after a Xiaomi camera owner in the Netherlands said he saw still images of homes that aren’t his own as he tried to stream video from the smart device to Google Nest Hub. The images included a baby fast asleep in a crib, an old man dozing off in an armchair, and a sun-filled living room.
Xiaomi, a Chinese technology company best known for its inexpensive and wildly popular smartphones, told CNN Business in a statement that it had fixed the issue and apologized for the inconvenience caused to users.
“Upon investigation, we have found out the issue was caused by a cache update on December 26, 2019, which was designed to improve camera streaming quality,” it said.
It said the incident the user experienced happened during the integration between Mi Home Security Camera Basic 1080p — the model the Dutch user owns — and the Google Home Hub “with a display screen under poor network conditions.” It has suspended the integration service until the root cause is solved.
According to Xiaomi, the issue would not occur if the camera is linked to Xiaomi’s own Mi Home app.
The leaked data included customer email addresses, as well as the email addresses of those people who were given permission to view the camera feeds. A list of cameras in customers’ home and tokens used to connect to smart phones and personal assistants were left open for public view.