Does the Ring Camera Spy on You

Does the Ring Camera Spy on You? FTC Reveals New Incident Details

In court documents filed on Wednesday, the Federal Trade Commission disclosed that at least 55,000 U.S. customers were the victims of 2019 hacks targeting Ring, a maker of home security cameras that is owned by Amazon. Additionally, new information regarding instances of Ring employees and subcontractors spying on customers was made public.

Ring would be required to pay $5.8 million to individuals impacted by Ring’s security flaws and subsequent hacks, according to court documents that included a complaint and proposed settlement.

The FTC complaint revealed that in between June and August 2017, a male Ring employee viewed “thousands” of videos captured on Ring cameras belonging to “at least 81” women, including Ring clients and personnel. He was only fired when noticed a coworker noticed he was “only viewing videos of ‘pretty girls.'”

A different Ring employee, starting in March 2018, personally gave cameras to people and then viewed their videos “without their knowledge or consent.” He reportedly took copies of some videos when he left the business in September 2019. The complaint, which cites a whistleblower, says Ring did not know “that anything was amiss.”

On another occasion, a customer service representative, who was a contractor not employed for Ring, described having “unfettered access to videos belonging to thousands of customers who never contacted customer service.” The research and development team at Ring, based in Ukraine, has previously been shown to have unrestricted access to customer videos.

The number of possible similar incidents is unknown. Since Ring didn’t implement reliable features to monitor employee access to videos before February 2019, the FTC said, the company has “no idea how many instances of inappropriate access to customers’ sensitive video data actually occurred.”

Yassi Yarger, a public relations manager for Ring and other Amazon products, told Insider that Ring “promptly addressed these issues on its own years ago, well before the The FTC started its investigation.”

“While we disagree with the FTC’s allegations and deny violating the law, this settlement resolves this matter so we can focus on innovating on behalf of our customers,” Yarger said.

More Than 55,000 Hack Victims

Prior to the publication of the complaint on Wednesday, there was some hazy public knowledge of Ring employees spying on customers. In response to a Senate inquiry, Ring said in a January 2020 letter that over four years, the company received “four complaints or inquiries regarding a team member’s access to Ring video data.”

The complaint also discloses the number of individuals who fell victim to a string of hacks in 2019 that targeted Ring customers in a number of high profile incidents. Between January 2019 and March 2020, the FTC said in its Wednesday complaint, “more than 55,000 U.S. customers” were the victims of hackers targeting Ring accounts.

“The only place I am aware of this number being public is in our complaint,” Senior attorney at the FTC’s Bureau of Consumer Protection and the case’s lead attorney, Elisa Jillson, told Insider.

The hackers used brute force attacks, in which log-in information is mass-guessed, and credential stuffing, in which previously compromised emails and passwords are used to log into another account.

“Through these attacks, bad actors gained access to hundreds of thousands of videos of the personal spaces of consumers’ homes, including their bedrooms and their children’s bedrooms—recorded by devices that Ring sold by claiming that they would increase consumers’ security,” the complaint reads.

According to media reports, security flaws affecting Ring accounts in 2019 gave hackers access to user accounts, allowed them to watch people from their homes from a distance, and allowed them to taunt and harass the victims through a speaker attached to the cameras. In one instance, the girl, who was eight years old, was the target of the vulnerability. For amusement, some hackers started a podcast where they exploited Ring cameras in real time.

The company is currently facing a class action lawsuit as a result of these hacks. More than 3,000 Ring log-ins were made public online in late 2019, but it wasn’t immediately clear if that represented all the users who had their security compromised.

Related Post: How to Turn Off Ring Camera?

“Terrified” and “traumatized” by Hacks

The severity of Ring’s security issues is finally made clear by the FTC’s complaint from Wednesday. It was the result of a protracted investigation, according to Jillson, which involved civil subpoenas and information requests sent to both Ring and other businesses.

Ring has historically disputed accusations that its log-in procedures and security cameras are lax. In a September 2021 filing for the ongoing class action suit Ring emphasized that customers were only affected because their information was leaked on “a separate, external, non-Ring service” and then “reused” to access But by requiring multi-factor authentication when logging in, businesses can stop hacks brought on by stolen usernames and passwords. Meanwhile, parties in the class action claimed they were “terrified” and “traumatized” by the hacks.

The FTC complaint points out that Ring only began rolling out multi-factor-authentication in May 2019, and because it was optional and not required, “less than 2% of customers” adopted the security feature that year.

Jillson declined to say how long the FTC looked into Ring before it filed its complaint and proposed order on Wednesday. However, she revealed to Insider that Ring has already accepted the settlement’s terms. In addition to paying a payout to all eligible consumers, Ring has to delete or destroy all Ring camera recordings “collected before March 1, 2018, and used for research and development purposes after being reviewed and annotated by staff or contractors.”

A Washington, D.C., district court judge. has to be assigned the case and approve the terms of the settlement, a formality that could take a few days to a few weeks. Jillson opted not to go into specifics about the Ring settlement agreement.

Jillson told Insider that she wanted to emphasize the “broad and striking” nature of the FTC’s complaint.

“These accusations are quite heinous. Children as well as adults are impacted by it because it involves spying and harassment in people’s homes’ most private areas. Therefore, it is crucial that the FTC act where there is such egregious behavior.”

Source: businessinsider

Subscribe
Notify of
0 Comments
Inline Feedbacks
View all comments

Related Posts

Begin typing your search term above and press enter to search. Press ESC to cancel.

Back To Top
0
Would love your thoughts, please comment.x
()
x