- Hive heating app allows customers to control their thermostat remotely
- But data on when heating is on and off is transmitted without encryption
- Which? suggests that burglars could work out when householders are likely to be away from home
- British Gas has started encrypting the data in response to investigation
British Gas has been forced to ramp up security on a ‘smart heating’ app installed in thousands of homes after it was exposed as a ‘burglar’s dream’ which could tell criminals when to break in.
The Hive Active Heating app is intended to allow customers to heat their homes remotely and programme a schedule for when to turn the heating on and off.
But it has now emerged that user data was being sent without encryption, meaning that hackers could have tapped into customers’ wi-fi and stolen their information.
Row: British Gas has been caught transmitting sensitive data without encrypting it
Because the data showed when householders had the heating on, it may have allowed burglars to work out when a property would be unoccupied, according to consumer group Which?
Now British Gas has agreed to start encrypting the data, in a bid to reassure customers that their personal information will remain safe.
The revelation could raise new fears about the security of the so-called ‘internet of things’, which is set to see more and more household objects become connected to the web to allow their owners to control their homes from a smartphone.
