A range of video doorbell brands sold by online retailers including Amazon, Sears, Shein, Temu and Walmart have security vulnerabilities that could expose users to hackers, an investigation by Consumer Reports found.
The consumer advocacy group found issues with a dozen seemingly identical video doorbells sold under brand names including Eken and Tuck. All are made by the Eken Group, based in Shenzhen, China, and controlled through a mobile app called Aiwit, which Eken operates, CR said.
Eken and Tuck are not well-known brands in the video doorbell market, yet they are relatively strong sellers online. The doorbells appeared in multiple listings on Amazon, with more than 4,200 sold in January alone. Both brands are often touted as "Amazon's Choice: Overall Pick," CR stated.
"These video doorbells from little known manufacturers have serious security and privacy vulnerabilities, and now they've found their way onto major digital marketplaces such as Amazon and Walmart," stated Justin Brookman, director of tech policy at Consumer Reports. "Both the manufacturers and platforms that sell the doorbells have a responsibility to ensure that these products are not putting consumers in harm's way."
The troubles uncovered by CR researchers include:
New rules are needed to hold online retailers accountable for vetting sellers and the product sold by their platforms, according to CR. It called on the Federal Trade Commission to stop the online sales of the doorbell cameras and on retailers to do more to ensure the quality of the products they sell.
Eken Group did not immediately respond to a request for comment.
In an emailed statement to CBS News, Temu said that it prioritizes consumer safety and privacy and has suspended sales of the identified doorbell camera models from Tuck and Eken.
"We require all sellers on our platform to fully comply with the laws and regulations of the markets in which they sell, including providing necessary product documentation. We regularly conduct spot checks at our affiliated warehouses to enforce this policy," the company stated.
Walmart said the items cited by CR had been removed from its site, and the retailer is offering refunds for consumers who want to return the products. The company's policy prohibits the sale of any electronic products that don't comply with FCC regulations, it noted.
"Like other major online retailers, we operate an online marketplace that allows third-party sellers to offer merchandise to customers through our eCommerce platform. We expect these items to be safe, reliable and compliant with our standards and all legal requirements. Items that are identified to not meet these standards or requirements will be promptly removed from the website and remain blocked," Walmart stated.
Amazon and Shein did not immediately respond to requests for comment.
Some of the security vulnerabilities cited by CR were brought to life recently, with thousands of Wyze camera customers having images of their homes made visible to folks they did not know due to "a security event," the company told a user forum last week.
Internet-enabled camera systems like Amazon Ring have created privacy and security concerns before, with Amazon last summer agreeing to pay $5.8 million to the FTC to settle allegations it give its Ring surveillance workers access to personal videos.
Among other steps, cybersecurity experts recommend against putting a camera in a bathroom or bedroom. but instead aim at the outside world.
Kate GibsonKate Gibson is a reporter for CBS MoneyWatch in New York.