Mars Hydro Breach: Massive Exposure of IoT User Data
In February 2025, Mars Hydro, a Chinese manufacturer of IoT-enabled grow lights, experienced a significant data breach. An unprotected database containing approximately 2.7 billion records—totaling 1.17 terabytes—was discovered, exposing sensitive user information. The compromised data included Wi-Fi network names (SSIDs), passwords, IP addresses, device IDs, and email addresses. This exposure poses substantial risks, such as unauthorized network access, potential surveillance, and man-in-the-middle attacks. Upon notification, Mars Hydro promptly secured the database; however, the duration of the exposure and whether malicious entities accessed the data remain uncertain.