Multiple Ring data breaches reported, thousands of customers impacted

[quads id=1]

Smart home security firm, Ring has been caught in a cycle of screwup after screwup, but this one might just be the most egregious. The firm has, according to a report from Buzzfeed News, had the data of 3,600 users leaked online. This data included usernames, passwords, and information about the cameras like what they were named — hinting at their location in users’ homes. Another leak of 1,500 users was also discovered for sale on the dark web (as reported by TechCrunch.) Much like the earlier leak, the data contained in was much of the same.

While Ring has yet to comment on the latter leak, a spokesperson told Buzzfeed the following regarding the former:

Ring has not had a data breach. Our security team has investigated these incidents and we have no evidence of an unauthorized intrusion or compromise of Ring’s systems or network. It is not uncommon for bad actors to harvest data from other company’s data breaches and create lists like this so that other bad actors can attempt to gain access to other services.

Ring’s reasoning here is a bit confusing. It’s true that on the one hand, you could argue that bad actors may have matched the credentials of Ring users to accounts originating from other breaches. On the other hand, as security researcher Cooper Quintin notes, the information in the dump contained Ring specific information that could not have come from another firm’s credential dump. It’s unlikely that a Gmail breach, for instance, would contain the nicknames and locations of a ring account. Ring may dispute a data breach through its spokespeople, but its explanation leaves something to be desired.

Get two Samsung Galaxy S10 for the price of one!

Smart cameras probably help more than they harm when it comes to home security, but like with all things security-oriented, it’s only as strong as its weakest link. Ring’s data breaches have, unfortunately, been eroding customer trust in the firm, and its response here can’t possibly help matters. The best thing for current Ring users to do right now is to secure their devices as best as they can while the company gets its act together. Enabling two-factor authentication is probably a good start.

How to secure your Ring account with two-factor authentication (2FA)

var fbAsyncInitOrg = window.fbAsyncInit; window.fbAsyncInit = function() { if(typeof(fbAsyncInitOrg)=='function') fbAsyncInitOrg(); FB.init({ appId: "291830964262722", xfbml: true, version : 'v2.7' });

FB.Event.subscribe('xfbml.ready', function(msg) { // Log all the ready events so we can deal with them later var events ='ready-events'); if( typeof(events) === 'undefined') events = []; events.push(msg);'ready-events',events); });

var fbroot = $('#fb-root').trigger('facebook:init'); };

Source link

[quads id=1]

Add Comment