British parents haven't learnt their lesson from the discovery two years ago of a Russian website that offered links to unsecured baby monitors, according to the UK's privacy watchdog.
This has prompted the Information Commissioner's Office (ICO) to reissue its wake-up call from 2014 to parents over the security of baby monitors. Two years on from the discovery of the Russian site, the ICO says parents still haven't changed their behaviour, and it's calling on them to take responsibility for the security of their devices.
"Internet of Things products such as baby monitors, music systems and photo or document storage, which can be accessed online, are at risk of revealing your personal details to other people," it warned.
"A lack of security when it comes to IoT devices could mean that a search engine is used by criminals to locate vulnerable devices and then gain access to them or others on your home network."
"The public must act to protect themselves and their families when using these devices," ICO group manager for technology Simon Rice wrote this week.
"If they don't they could find their personal files easily accessible by popular search engines, casual browsing or more determined attackers. If you wouldn't leave your house unlocked then make sure your digital home is equally secure."
Security researchers have demonstrated on numerous occasions that vulnerabilities can be exploited to give unauthorised access to baby monitors. And there's been no shortage of incidents where parents have discovered strangers talking to their children through baby monitors during the night.
In June, New York City's consumer affairs watchdog also warned parents to secure their baby monitors.
"Video monitors are intended to give parents peace of mind when they are away from their children but the reality is quite terrifying--if they aren't secure, they can provide easy access for predators to watch and even speak to our children," said DCA Commissioner Julie Menin.
To avoid this situation, the ICO's Rice advised parents to properly research the security of a product before buying it, including checking whether the product can be updated post-purchase. He also reminded consumers to change default settings on their routers, keep an eye out for known security vulnerabilities in products, and not to rush through the setup process when deploying a new device in the home, and to use two-factor authentication.