China's Hangzhou Xiongmai Technology, which has issued a recall for thousands of webcams sold in the US that were used in a massive distributed denial of service (DDoS) attack on the servers of US-based internet company Dyn, said the hacks occurred because customers didn't change the default password, according to the AP.
The attack, which in part came through devices with Xiongmai components, briefly cut access to many sites including Twitter, Netflix, Amazon, and Spotify.
Xiongmai’s Liu Yuexin told AP the company did its best to secure the devices. The company, he added, came to know of the weakness in its webcams and digital recorders in April 2015 and had patched the flaws.
Vulnerabilities in devices by Xiongmai and video surveillance maker Dahua first came to light after an attack on the website of cybersecurity writer Brian Krebs and has highlighted concerns of security risks from interconnected consumer gadgets.
Read more on AP.