A security researcher, Ryan Castellucci, has discovered a critical vulnerability in a UK-based energy management provider's system, giving them control over an estimated 60,000 installed systems and compromising the data of all other customers. The issue arose from a 512-bit RSA key used to protect the API, which was factorable with cloud computing costs of $70 and less than 24 hours. GivEnergy introduced a fix within 24 hours after being privately notified by Castellucci.
Source: https://arstechnica.com/?p=2042026