For years, the use of insecure smart home appliances and other Internet-connected devices has resulted in personal data leaks. Many smart devices require users’ location, contact details or access to cameras and microphones to set up, which expose people’s personal information, but are unnecessary to use the product. As a result, data breaches and security incidents continue to emerge worldwide through smartphone apps, smart speakers, TVs, air fryers and robot vacuums.
Last week, another major data breach was added to the list: Mars Hydro, a Chinese company that makes Internet of Things (IoT) devices such as LED grow lights and the software to control them remotely. Jeremiah Fowler, a cybersecurity researcher at vpnMentor, on Feb. 12 reported that Mars Hydro had left 1.17 terabytes of non-password-protected data containing 2.7 billion records online, including users’ Wi-Fi network names, Wi-Fi passwords, Internet protocol addresses and device IDs.
The exposed data appeared to belong to users of the company’s Mars Pro smartphone app, even though Mars Hydro’s privacy notices on Apple’s App Store and Google Play state that the app does not collect user data, Fowler said. Within hours of notifying Mars Hydro, the database was no longer publicly available, but it is uncertain how long it was left unprotected or if unauthorized parties had accessed it, he said. The incident demands further investigation to get a full picture of users’ exposure, he said, adding that the issue yet again raises concerns over the security and privacy of IoT devices.
The Mars Hydro incident comes as Chinese start-up DeepSeek’s artificial intelligence (AI) chatbot was recently found to have transferred user data to ByteDance Ltd, TikTok’s parent company, which prompted many countries to ban public-sector entities from using DeepSeek or suspend downloads of the Chinese app. In Taiwan, the Ministry of Digital Affairs on Jan. 31 said that government agencies would be prohibited from using DeepSeek, but it remains unclear if the ministry would restrict public use of the service if it contravenes data protection laws.
Concerns over data leaks and hacking from Chinese software and devices have grown in the past few years. Security experts warn that apps from Chinese e-commerce sites such as AliExpress and Temu, as well as China-made IP cameras, smart speakers and robot vacuums, have data security vulnerabilities. They say risks stem from potential backdoors embedded during manufacturing or coding to weaken encryption methods and provide gateways for cyberattacks.
Make no mistake: Concerns over data breaches also exist for devices made by non-Chinese vendors. However, the issue with products made in China or by Chinese-owned companies is that the Chinese Communist Party, with no democratic oversight, could exploit such information for surveillance or intelligence-gathering purposes, posing national security threats. In addition, most countries generally require businesses to obtain consent from users before collecting their personal information. Unfortunately, some Chinese services do not inform users or bypass this requirement when collecting personal data.
In November last year, the Ministry of Digital Affairs acknowledged the importance of IoT information security as such devices become more popular. It said that regardless of the country of origin or the type of device, user data could be collected and become a potential security risk. It added that it would launch information security labels for IoT devices sold in Taiwan and propose data protection guidelines for device makers. In the meantime, users can take simple steps to mitigate potential risks, such as changing default passwords, restricting the access software and devices have to personal information, stopping data sharing, monitoring device activity and turning off devices when not in use.
The conflict in the Middle East has been disrupting financial markets, raising concerns about rising inflationary pressures and global economic growth. One market that some investors are particularly worried about has not been heavily covered in the news: the private credit market. Even before the joint US-Israeli attacks on Iran on Feb. 28, global capital markets had faced growing structural pressure — the deteriorating funding conditions in the private credit market. The private credit market is where companies borrow funds directly from nonbank financial institutions such as asset management companies, insurance companies and private lending platforms. Its popularity has risen since
The Donald Trump administration’s approach to China broadly, and to cross-Strait relations in particular, remains a conundrum. The 2025 US National Security Strategy prioritized the defense of Taiwan in a way that surprised some observers of the Trump administration: “Deterring a conflict over Taiwan, ideally by preserving military overmatch, is a priority.” Two months later, Taiwan went entirely unmentioned in the US National Defense Strategy, as did military overmatch vis-a-vis China, giving renewed cause for concern. How to interpret these varying statements remains an open question. In both documents, the Indo-Pacific is listed as a second priority behind homeland defense and
Every analyst watching Iran’s succession crisis is asking who would replace supreme leader Ayatollah Ali Khamenei. Yet, the real question is whether China has learned enough from the Persian Gulf to survive a war over Taiwan. Beijing purchases roughly 90 percent of Iran’s exported crude — some 1.61 million barrels per day last year — and holds a US$400 billion, 25-year cooperation agreement binding it to Tehran’s stability. However, this is not simply the story of a patron protecting an investment. China has spent years engineering a sanctions-evasion architecture that was never really about Iran — it was about Taiwan. The
In an op-ed published in Foreign Affairs on Tuesday, Chinese Nationalist Party (KMT) Chairwoman Cheng Li-wun (鄭麗文) said that Taiwan should not have to choose between aligning with Beijing or Washington, and advocated for cooperation with Beijing under the so-called “1992 consensus” as a form of “strategic ambiguity.” However, Cheng has either misunderstood the geopolitical reality and chosen appeasement, or is trying to fool an international audience with her doublespeak; nonetheless, it risks sending the wrong message to Taiwan’s democratic allies and partners. Cheng stressed that “Taiwan does not have to choose,” as while Beijing and Washington compete, Taiwan is strongest when
RSS