Man Accidentally Creates Orwellian Nightmare Trying to Clean Room

This article originally appeared on theDaily Caller News Foundationand was republished with permission.

A man who wanted to steer his Chinese-designed robot vacuum with a PlayStation controller said he ended up accidentally peering into thousands of strangers’ homes in an interview.

Sammy Azdoufal, the AI strategy lead at a vacation rental company in Spain, built a custom app to operate his new DJI Romo robot vacuum with a PS5 gamepad, hetoldThe Verge on Feb. 10. He said he relied on Anthropic’s Claude Code to decode how the vacuum communicated with DJI’s cloud infrastructure. Instead of connecting only to his machine, approximately6,700 vacuums across 24 countries reportedly responded to him as their operatorwithin 9 minutes of him sitting down with The Verge’s reporter.

Azdoufal claimed he could view live video feeds, listen through onboard microphones, monitor cleaning activity and produce detailed floor plans of private residences. Device IP addresses reportedly revealed approximate locations. He said he never penetrated DJI’s systems, telling The Verge he simply pulled his own vacuum’s security token and the company’s servers handed over data from thousands of other units.

“I didn’t infringe any rules, I didn’t bypass, I didn’t crack, brute force, whatever,” Azdoufal told The Verge.

He showed the outlet the flaw using a review unit’s 14-digit serial number. With that code alone, Azdoufal identified the device’s battery level and the room it was cleaning, according to the outlet.

A DJI spokesperson told The Verge the company had already resolved the flaw. Roughly 30 minutes after that statement, Azdoufal demonstrated continued access to thousands of devices, according to the outlet. The strategist was reportedly later unable to move The Verge’s robot or access its video or microphone after they reached out to DJI.

DJI later acknowledged a “backend permission validation issue” and said it deployed two patches on Feb. 8 and Feb. 10. However, Azdoufal alleged additional vulnerabilities remained unaddressed.

The report comes amid existing national security concerns surrounding DJI. The FCC placed theChinesedrone maker on its Covered List in December 2025 after a classified interagency review determined foreign-made drones posed unacceptable dangers, DroneXLreported. Republican Florida Sen. Rick Scott has sought to retroactively revoke all DJI FCC authorizations granted after Dec. 23, 2024.

South Korea’s Consumer Agency tested six robot vacuums in 2025 and found critical weaknesses in three Chinese models, South Korean news outlet, The Korea Heraldreported. The agency found that Dreame’s X50 Ultra allowedhackersto remotely activate its camera while Narwal and Ecovacs units lacked proper authentication, exposing photos captured during cleaning sessions to outside parties. Samsung and LG devices earned higher marks.

Source: The Vigilant Fox