Nest has identified some accounts that may be vulnerable to unauthorized access. If you received one of these emails, you should change your password immediately. For greater security, enable two step verification on your account. See below for additional recommendations to check settings and options in the app.
For customers who received a password change email on or after December 19, 2018, the sender of the email you received is firstname.lastname@example.org.
For customers who received an email before December 19, 2018, the sender of the email you received is email@example.com. This is the address that Nest uses for product announcements, promotions, and other communications.
Why did I get the email?
We believe we’ve discovered your Nest Account email address and password in a public list of credentials that were stolen in data breaches.
None of these breaches involved Nest. But you may have used the same email address and password to log into a different account or website, and those credentials may have been compromised.
How did you find my credentials online?
Nest proactively monitors publicly leaked password databases and checks to see if any entries match your Nest Account credentials.
If you received an email from Nest, it means that one of these public databases included the password you use to sign into your Nest Account.
Where can I check this information myself?
Third-party websites like haveibeenpwned.com let users check their email address and see a list of breaches.
Was Nest's data breached? Was my account hacked?
We invest significant resources in data security and, to our knowledge, Nest infrastructure was not breached.
If you’re using the same credentials to sign into your Nest Account that you use to sign into other websites, one of the other sites may have been compromised or your password may have been stolen. Common causes of password theft are phishing emails or websites, malware, and using a password on a website that has been compromised. Any website or account that uses the same credentials may be vulnerable to unauthorized access.
What should I do?
Protect your Nest Account
Check settings and options in the Nest app
- From the app home screen, select Settings and make sure nothing has changed.
- Ensure that there is nobody added as a Family Accounts member who shouldn't be there. For more information about Family Accounts, including instructions to remove someone's access from your home, see the following article: Learn about Family Accounts and how to share access to your Nest home.
- Ensure that you recognize all the Works With Nest connections in each home in your account. For more information about Works With Nest, including instructions to remove a Works With Nest connection, see the following article: Learn about Works with Nest.
Update your credentials for other websites and accounts
- Change your password on each account that uses the same credentials as your Nest Account
- If the other accounts support additional security, such as 2-step verification, take advantage of these options
Tips for password security
- Use a unique password for each website and account
- Change your passwords regularly
- Use strong passwords (at least 8 characters, with capital letters, numbers, and symbols)
- A password manager like Smart Lock from Google can help you keep track of your current passwords