New Delhi: Global cybersecurity company Avast has warned smart homes and businesses in India that they are at a risk of data leakage due to misconfiguration of a protocol used to interconnect and control smart home devices via smart home hubs.

The Avast report found more than 49,000 Message Queuing Telemetry Transport (MQTT) servers publicly visible on the Internet due to a misconfigured MQTT protocol. This included 595 Indian servers with no password protection, thus being privy to data leakage. 

Martin Hron, a security researcher at Avast said, “It is frighteningly easy to gain access and control of a person's smart home because there are still many poorly secured protocols dating back to bygone technology eras when security was not a top concern”.

Criminals on the cyberspace could take advantage of this and gain access to a vital information about a home, including the presence of owners at the residence, manipulation of voice assistants and other entertainment systems and could also try to open or close smart doors and windows.

Cybercriminals can also track a user’s whereabouts, making them vulnerable to serious security and privacy threats.