SC Mom’s Story After Baby Monitor Hacked Should Terrify Parents

CHARLESTON, SC — A Charleston mother has a chilling warning that should scare the hell out of any parent who uses Wi-Fi connected monitors. Jamie Summitt, 24, discovered hers had been hacked by someone who was using the 360-degree motion feature to watch her in bed and as she breastfed her 3-month-old son.

She shared the frightening discovery on Facebook, where she urged other parents who may use an internet-connected monitor to immediately “do yourself a favor and unplug it and throw it away.” The widely shared post struck a chord and was picked up by multiple news organizations.

Summitt said the realization that videos of the intimate moments with her son, Noah, are “God only knows” where leaves her feeling vulnerable, violated and angry.

“Those bonding feelings of just me and him together — it’s supposed to be me and him in those sweet moments," she told ABC News. "It makes me kind of sick to think what kind of stuff the person may have seen and still could be out there. I'm supposed to protect my son and I feel like I failed him.”

When Summitt bought the monitor online, she liked the convenience of an app that lets both her and her husband access the feed with their smartphones and remotely move the camera 360 degrees.

“That sounded great,” Summitt wrote on Facebook, “especially with my sister-in-law living with us this summer.”

Summitt told television station WCIV that she feels guilty for not doing more thorough research on the baby monitor, a $34 FREDI wireless baby camera monitor. The warranty information on the Amazon listing claims “NO RISK of PERSONAL INFORMATION” and promises lifetime technical support.

She thought baby monitors were “kind of cut and dry.”

“You find a baby monitor, you watch them napping, it was supposed to be a safety thing, " Summitt told WCIV. "God only knows what kind of images and videos are out there.”

Summitt discovered the monitor had been hacked on May 30, when she pulled up the app as Noah slept in a bassinet in her and husband Kevin’s bedroom.

“I was in the living room with the only two people who had access (or so I thought) to the monitor,” she wrote on Facebook. “All of a sudden I noticed out of the corner of my eye that the camera was moving … and it was panning over to our bed. The exact spot that I breastfeed my son every day. Once the person watching realized I was not in bed, he panned back over to Noah asleep in his bassinet.

“My heart sank into my stomach.”

That morning, Summitt had noticed the camera wasn’t pointed toward the bassinet, as it typically is. But sometimes Kevin accesses the app from work and shifts the position of the camera, and she assumed that explained the switch in position. But Kevin hadn't checked the feed all day. When the couple realized the baby monitor had been hacked, they unplugged and stashed it in a drawer, then called the North Charleston Police Department.

When the police officer tried to turn the device back on, it had stopped working.

“He tried to use it and access the security settings and it completely locked us out with a message saying ‘insufficient permission,’” Summit told ABC News, adding that the hacker probably “heard everything” and “saw the officer.”

Summitt said the discovery left her feeling “violated.”

“This person had watched me day in and day out in the most personal and intimate moments between my son and I,” she wrote on Facebook. “I am supposed to be my son’s protector and I have failed miserably. I honestly don’t ever want to go back into my own bedroom.”

The Summitts have tried to contact the manufacturer, but the telephone number is no longer in service and no one has responded to emails. Amazon hasn’t responded, except to refuse her customer review of the product, she wrote on Facebook.

“I honestly feel like this is a terrible nightmare,” she wrote, adding “we are all feeling unsettled and angry.”

Everyone Should Reboot Their Routers Right Now: FBI

What happened to the Summitts isn’t that unusual.

Boston-based Rapid7 Inc. found serious security flaws in the nine baby monitors it looked at for a 2015 study. The monitors ranged in price from an inexpensive $55 to $260. In some cases, passwords were hidden and unchangeable. Some didn’t encrypt data streams, according Rapid7 senior security consultant, one of the study’s authors.

“There’s a certain leap of faith you’re taking with your child when you use one of these,” he told the Associated Press in 2015.

The brand of monitor the Summits used wasn’t included in the study, but Tod Beardsley, Rapid7’s director of research, recently told National Public Radio station WAMU that he and his colleagues found “pretty much across the board, some pretty easy-to-exploit vulnerabilities — things that have been already solved in mainstream computing.”

The absence of safeguards that exist on smartphones and computers make baby monitors and other Wi-Fi connected devices a playground for hackers.

“Hackers that I know and hang out with refer to Internet of things hacking as ‘hacking on easy mode,’ or ‘hacking like it’s 1998,’ ” Beardsley told WAMU.

The Summitts changed their passwords and updated their Wi-Fi settings — “all the right things,” Beardsley said.

You can read Summitt’s full Facebook post here:

Photo by Shutterstock / b.asia