[UNUSUAL HACK] Thousands of connected hot tubs could be hacked

Thousands of connected hot tubs can be hacked and controlled remotely due to a flaw in their online security. This discovery was revealed by security researchers from Pen Test Partners Ltd who presented their results in a BBC programme.  During the program, the researchers explained how an attacker, with relative ease, can raise or lower the temperature sensors to make the baths warmer or colder. A hacker can also control pumps and lights in relative proximity, using a laptop or smartphone. The types of hot tubs concerned are those that have been designed so that their owners can control them via an application. This system, due to weak security protocols, allows an attacker to break in and control specific baths based on the bathtub’s GPS location data. The bathtub presented on the television show was manufactured by the Balboa Water group. The company  plans to release a patch by the end of February 2019.