Researchers find bug in Wi-Fi network encryption

Share This Page

If you have a smartphone, laptop, or IoT device connected to a Wi-Fi network, the information you send over that network could be at risk. Researchers recently found a bug that lets attackers break the encryption that protects most wireless networks – leaving data you send exposed.

The bad news is that this is not a problem with a specific device, or even manufacturer – it’s a problem with the WPA2 encryption standard nearly all Wi-Fi devices on the market today use to scramble communications, preventing eavesdropping and tampering. Basically, if you use a device to connect to a wireless network at home, work, or elsewhere, this bug means you cannot rely on that connection being secure.

The good news is that the bug can be fixed with a security update or patch. Device manufacturers and software companies are aware of the bug and updates for affected devices should be rolling out in the near future, if they haven’t already.

In the meantime, connections other than Wi-Fi (like your smartphone’s 4G/3G carrier connection, or a connection with an Ethernet cable) are not affected. So, consider using them instead of Wi-Fi until the updates are available.

Even so, this bug is a reminder that there’s no single solution to secure your data, and all of the other tips for protecting your sensitive information and security online are more important than ever, including:

  • Keep up with the latest updates for your software and devices, including updates for your smartphone, computer, and any IoT devices around your home.
  • Avoid sending sensitive information over public Wi-Fi, whether or not it’s encrypted.
  • When you do send sensitive information to a website, make sure the address starts with “HTTPS” – this will at least ensure the data you send to that one website is encrypted.
  • A VPN (Virtual Private Network) app or service can give you another layer of protection for your personal data. VPNs encrypt traffic between your computer and the internet – even on unsecured networks. You can get a personal VPN account from a VPN service provider. If you decide to use one, be aware some VPNs are more secure and easier to use than others, so shop around. Read reviews from several sources, including impartial experts.
Tagged with: online security, Wi-Fi



Could you give us a link or two to a review or reviews from one or more impartial experts?

Thank you for letting us know. Also keep us informed of updates and other security information.

Thank you, FTC. Great to receive this info. Thankfully, i have Ethernet, but will share!


Thank You so very much for this information. Glad you're looking out for us!

thank you for the info update but the internet looks very sick any way as far to many people have two many broswers on the services as we know that all broswers are scams and in countries like New Zealand and Australia they have this fake broadband service and funny enough they all believe that its true and honest when its never ever been made from Haitachi Japan and so how do we get the message through to people when they wont believe and the amount of people in these countries that use Wi-Fi for cheap service is amazing

Well nice try. When the technology that you pay extra for and devices, tech support and network management is taken away just as similar to leave your tech exposed with no other option for tech use, what then? The law, and manufacturing experts are not helping and thing technically get worse and worse, not to mention expensive beyond reason... Do I just go off the grid because efficient help has been available?

That was well said! You raise an extremely valid point and there is no answer that I could find either, you're absolutely right , basically if someone really wants to gain access to anyone using WiFi, there's nothing we can do about it! Again we'll said but who's going to listen to us...?

I never again want to hear the statement "Your data is perfectly safe" from ANY company. It has been proved over and over and over again that our data is NOT safe.

You're absolutely right! Well said. But what can we do about it... Who's going to listen? Or care? Everyone is exposed on their own, all it takes is someone or company, targeting individuals personally.


Thanks for this information, a little late for me. I was hacked by a caller through my modem. Called my provider - they said they never heard of that and while talking on the phone with my provider - the hacker was on the phone too. I am still nervous about using my computer or phone. Nothing is safe.

Same thing happened to me

Same in exact thing happened to us... Trying to explain to the unbelieving individuals that were "Government employees" told me that if I wasn't I a government agency there was nothing that could do for me. My family lost so much since December it's not funny! I'm still seeing interruptions on my devices , I still have the 3 crashed devices that was severely exposed to the intrusion. Now trying to recover my family's losses. Thanks !

Been dealing with this for years. Sucks. No Privacy ‘. Have changed providers, phone states. Been thru it all They win. People look at you like you are nuts when u explain! Even home kit installed in my house and not by us. Nice. They watch everything too. Dickstein low people

I thought I was the only one. Somebody is busy you have to B carful.

Back. Still got new number via my contact list and getting it from Contact.

I don’t trust anything so any thing private I use copper line phone.
My bank acct was emptied it will takes yrs of civil court lawsuits just to get my money back.

I do like FTC putting info out there. Take it seriously but I think the entire US infrastructure is at risk.

Devices were all intruded upon two phones one kindle and a laptop were all crashed lost phone numbers email addresses but most importantly, was information that was much needed to accomplish financial stability. But when it was reported They said not possible, your lying, we can't see a problem, and the worst words of all were... If your not a government agency, then we can't help you! It's been nearly a year of the intrusion and to this day nothing has been recouped , and Im still not a government agency but I am a tax payer that pays our government to see that we can exercise our amendments specifically the 4th.

I've been dealing with this for 2 years. I've been called crazy cops look at you weird the Internet providers as well. I kept telling them was the phone and internet. As I've eliminated and study so much cause I can't stand my privacy violated. I've been ripped off with all the gadgets they get in your stuff they watch your house and gps. I could go on. What now? You wouldn't believe what I've come across.

Wow is any system safe now. I see so many people at restaurants using their WIFI and these systems are the worse.

To, October 22, 2017 I was watching NetFlex and up pops ERR: Call Apple A.S.A.P. You have a virus, already being a victim of Idenity Theft (4) times I got sick to my stomach, I called Apple, yes we can help you its just $300.00 WHAT??? I'm disabled on a fixed income I don't have that much. So long to short I got Support for 6 months for $100.00, that I don't have. This site is (1) of the very FEW I trust, just wish these people could get caught. GOD BLESS US ALL

I need to no

The VPN thing don't work someone is attached to my VPN and I can't get rid of them

I think they need to make the consequences extremely harsh. I would like to see a mandatory jail sentence with restitution including Identity theft. 20 years

Can someone please help me?!!

Thank-you for providing such insightful useful information. I get of pre recorded sales calls, inproppratiate lewd sex pictures of persons while being on Facebook, get rich schemes, calls about my personal medical history which is against the law. These computer hackers use Ein, Social Security Numbers, Dob, phone numbers, Postal service, etc. Anything these persons can will use. Laws have to implied to stop.

We all need to be careful. Example: If you down load a App onto your phone, tablet or computer and if you need to register your Email or Username and they ask you to enter your social security number? You need to stop immediately. This has happened to me with two big corporations. One was a bank and the other was a Health Care Insurance Corporations. You need to get there technical support number and call them. You need to let them know that you will not enter the social security number over the internet. The bank handle it pretty good, but the health insurance was a different story. They consistently told me that their site was secure. I told them that I was going thru WiFi and that was not secure. They were determine and so was I. They finally accepted my way and gave me the information to work around of entering the S.S.N. I stayed on the phone and went one step at a time. Eventually we finish and everything work out ok. We all need to be aware. Say no and be strong. I hope this example will help somebody else.

How many researchers did it that take? My network was encrypted. I don't use WiFi anymore, l because it's unlimited data on cell phones. Maybe researchers should look into OPENSIGNAL, that's how my phone got breached. I'm one person, pulling my hair out till I accidentally came across that info hiding as a bookmark on my screen that said t-mobile. Ever wonder how t-mobile service got so big so fast? Now, you know. I am just one determined person to find answers and I found my answer. So, now who do I blame for losing everything? I would not have posted this is Samsung listened or T mobile would have given me a better response to the issue. Forgot being safe now, just walk around with your info plastered on your shirt. NOTHING IS SAFE, IF THEY WANT IT THEY WILL GET IT. I have told customers that for 10 years.

To FTC, i was happy to see theis, BUT I have also been hacked by a VPN user, using Blue Tooth Technology. Can be found nder User Accounts, Generic Web Credentials. You can go in and remove, but if they have your MAC address, they can keep getting in.

The user name is what I came up with the hacker on my phone he had stolen over 1000.00 from one of my online is the host are both lieble for my money

My kindle 7 is connected to comcast wifi, as is my computer. Sometimes when I get up late at night and turn on my kindle 7 to read, there is a hang-up chime, meaning someone was using the kindle connection and hung up.

This has happened numerous times.

What security steps need to be taken to get this person off my wifi?

Do you have a password for your wireless network, so you can limit who uses your wifi? You may need to create or change the password. This article about securing your wireless network has more information.

whos here from computer science class?

I found it interesting and helpful to know that our wifi can be hacked because the WPA2 security can be broken. It was also interesting how all we need to fix this is a security update for WPA2. The VPN tip was also very helpful and interesting.

Leave a Comment

Comment Policy