Most households nowadays have a least one smart voice assistant product– either Google Home or Amazon Alexa. Researchers are saying that both these products were vulnerable to a major security issue that could have allowed 3rd party apps to eavesdrop on people without their permission.

Security Research Labs said it discovered a flaw within Amazon and Google that allowed hackers to steal user’s information, and reported it to both companies. Amazon and Google give third party apps access to their products to improve them, however, hackers could have inappropriately used this information and customized commands in order to get user’s to reveal sensitive information about themselves.

For example, in one instance, a user asked their Amazon Alexa product a question. Unbeknownst to the user, after the product was finished answering the question, it continued to run in the background and listen to the user. After a few minutes, the device announced that the company had released a new update and asked the user to say their password.

Amazon and Google assistant products never ask user’s to reveal their password through voice when they’re working properly and not hacked and manipulated by third party softwares and developers. Google and Amazon both said they have since fixed the issue, but it’s still very alarming.