Your worst fears about home assistants came true for one Amazon customer whose Alexa recordings were accidentally sent to a complete stranger. Amazon failed to disclose the mistake, but don't worry: The recipient learned enough about the Alexa owner to reach out.
It started when a German Amazon customer requested his Amazon-owned data, which he has a right to do under the General Data Protection Regulation (GDPR). After several weeks, the company sent a downloadable 100-Mb zip file. Some of its contents reflected the customer's Amazon searches. However, hundreds were .wav files and one contained transcripts of voice commands recorded by Alexa. The person had never owned an Alexa, so he reported the issue to Amazon, which did not respond but killed the link to the data.
However, the customer had already saved the files, so he reached out to German magazine c't because he worried Amazon hadn't shared the mistake with the data's rightful owner. By listening to the files, the publication was able to learn the person's name, habits, jobs, musical taste, and more intimate details that "got our hair standing on end," the report states. First and last names helped determine his close friends; Facebook and Twitter data filled in more of the details.
C't learned enough about the victim to contact him and inform him of the mistake. Amazon did not share the error with him, he said, but the company later contacted both the victim and accidental recipient. It claims a staff member made "a one-time error," Gizmodo reports.
Read more details here.