Nest has long been the darling of the smart home industry, but the company recently confirmed its web-connected smart thermostat, known for learning the behavior of owners and saving them money, had been quietly leaking data.

But don't freak out yet. It's not as bad as it sounds.

In a report published to the site Freedom to Tinker and presented at the recent PrivacyCon conference, researchers at Princeton University detail how they detected that Nest's popular thermostat, among other web-connected devices, was transmitting data unencrypted, so in theory, online hackers could have intercepted that private information if they were looking in the right place.

However, the issue stemmed from a weather update containing location information of the home and local weather stations, Nest told Mashable. Sensitive information such as home addresses was already encrypted, but the data collected from local weather stations was not.

See also: The best smart gadgets that stole the show at CES 2016

"The Nest thermostat was revealing location information of the home and weather station, including the user’s zip code, in the clear," the report said.

"Many devices fail to encrypt at least some of the traffic that they send and receive," it added. "Investigating the traffic to and from these devices turned out to be much easier than expected, as many of the devices exchanged personal or private information with servers on the Internet in the clear, completely unencrypted."

When setting up the smart thermostat, Nest requires users to enter a zip code., The thermostat then pings the weather station in the area, which could be nearby or span as far as 90 miles away, and it was that information that was vulnerable to the leak.

Although the researchers originally believed the Nest thermostat was revealing the exact location of the customer's home, the company clarified the issue only leaked the user's zip code.

"The authors initially made an incorrect assumption, which we pointed out to them before they presented their report, that the response to the weather update request contains exact location of the customer's home," a Nest spokesperson told Mashable. "In fact, the weather information is provided by an online weather service, and the geolocation coordinates are for their remote weather stations, not our customers' homes. The only user information that is contained in the requests is zip code. We have reached out to the researcher to make this clarification update."

The company added it fixed the bug before it was notified by the researchers.

While the smart home trend is still growing — and zip code data, in the grand scheme of things, is a relatively small leak — the news doesn't help qualm consumer concerns over the security and data collection implications of embracing a fully connected home.

"Many devices fail to encrypt at least some of the traffic that they send and receive," the report states. "Investigating the traffic to and from these devices turned out to be much easier than expected, as many of the devices exchanged personal or private information with servers on the Internet in the clear, completely unencrypted."

To determine the report's findings, the researchers purchased a collection of smart devices — including the Sharx security camera, a SmartThings hub, the PixStar photo frame and (of course) the Nest thermostat. Those devices were then connected to network, and the traffic was monitored with how it exchanged information with the public Internet.

While the SmartThings hub was shown to be secure, the Sharx security camera and the PixStar photo framehad some troubling findings, as well.

"[It] transmits video over unencrypted FTP; if the server for the video archive is outside of the home, this traffic could also be intercepted by an eavesdropper," the report said.

Image: Nest

"All traffic to and from the PixStar photoframe was sent unencrypted, revealing many user interactions with the device."

The researchers said the move was a part of an effort to bring more awareness to the security implications around smart home products.

"Ultimately, multiple stakeholders may be involved with ensuring the security of a networked IoT device, including consumers, manufacturers, and Internet service providers," the researchers said. "There remain many unanswered questions concerning both who is able to (and responsible for) securing these devices, but we should start the discussion about how to improve the security for networks with IoT devices."