Skip to main content

Ring’s defense of recent hacks is as shoddy as its security, lawyer claims

ring door bell illustration
Illustration: Chris DeGraw

After a series of Ring camera hacks, the Amazon-owned security company has claimed that any intrusions into its customers’ cameras or accounts were perpetrated by hackers who obtained login credentials from hacking forums or the dark web, not from the company’s database.

Recommended Videos

Lawyers representing some of the hacking victims in a class-action lawsuit against Ring told Digital Trends that their clients used unique passwords that could not have been hacked anywhere else.

Hassan Zavareei, a partner at Tycko & Zavareei LLP, a firm specializing in class-action and privacy litigation, said the defense that login information was taken from other, unrelated data breaches is “baseless and false.”

The class-action suit, filed January 3 in the U.S. District Court for the Central District of California, describes several graphic incidents in which the plaintiffs’ Ring cameras were hacked. They include an incident where a young girl was exposed to racist insults that the hacker yelled at her, and another case where a hacker accessed the doorbell camera of clients Todd Craig and Tania Amador, and threatened them with “termination” unless they paid him 50 bitcoin (about $436,000).

“We know that [Ring’s defense] is not accurate because our clients Todd Craig and Tania Amador each created a unique password for their Ring accounts that they did not use for other accounts,” said Zavareei. “Mr. Craig created a unique 16-character password, and Ms. Amador created a unique 14-character password. If Ring’s excuses were true, the hackers would not have gained access to their Ring accounts, because their username and password combinations were not associated with other online accounts.”

Ring’s track record

The class-action lawsuit alleges negligence, public disclosure of private facts, and intrusion, among other things. Lawyers for the plaintiffs say they’re expecting a third family to join the class action as well.

Previously, Ring has claimed little responsibility for the hacks, describing them as issues with individual users’ passwords, not Ring’s database.

“Ring has refused to take responsibility for the security of its own home security devices.”

“It is not uncommon for bad actors to harvest data from other company’s data breaches and create lists like this so that other bad actors can attempt to gain access to other services,” the company said in a statement to ABC News last month when asked about another, similar suit that it’s facing.

In December, a data leak exposed the personal information of more than 3,000 Ring users. At the time, Ring told Digital Trends that there was no evidence of a hack of its systems. Earlier in January, Ring told a group of U.S. senators that Ring employees improperly accessed doorbell videos on four separate occasions.

ZDNet

“Even in light of widespread reports of hacks and unauthorized access to devices, Ring has refused to take responsibility for the security of its own home security devices, and its role in compromising the privacy of its customers,” the suit says.

Ring is not the only home security camera company with security issues. Wyze, a Ring competitor, suffered a major data breach at the end of 2019 that affected millions of customers. It was caused in part by the lack of basic security features, experts said. Ring has also suffered a smaller leak, but has denied that its own systems were compromised.

“At Ring, our top priority is the safety and security of our customers,” Ring said in a statement to DT. “While we do not comment on ongoing litigation, it is important to note that there is no evidence that Ring’s systems or network were compromised. But we have taken the issues seriously and plan to launch new user privacy controls. We will continue our long-standing commitment to making our Ring devices even stronger and more secure than ever.”

‘Inadequate security’

 

Whatever Ring’s new upcoming user privacy controls are, lawyers representing hack victims said Ring’s own security system is not very secure in the first place.

“This is different than the typical data breach case where there’s a mass exfiltration of information,” Austin Moore, a partner at Stueve Siegel Hanson LLP, which is also litigating the case, told Digital Trends. “This goes more to inadequate security.”

“It’s very ironic. You buy [Ring] for security, and they end up opening the door into everybody’s homes.”

“I don’t understand why Ring didn’t implement standard basic security protocols that are known to be effective at preventing unauthorized access,” Moore said.

Moore also added that it was “complete speculation” by Ring that clients’ passwords were stolen from elsewhere, as opposed to hackers exploiting a basic flaw in Ring’s system.

According to both Moore and Zavareei, Ring does not require two-factor authentication, and does not lock out a user after multiple wrong password attempts. This means a hacker can run a simple script that tries combinations of alphanumeric codes an unlimited number of times until it finds the one that will allow a login, Zavareei said.

“There are so many basic security precautions that need to be added here,” Zavareei said. “This is one of the more egregious examples of a failure to protect a privacy interest. It’s very ironic. You buy them [Ring] for security, and they end up opening the door into everybody’s homes.”

Maya Shwayder
I'm a multimedia journalist currently based in New England. I previously worked for DW News/Deutsche Welle as an anchor and…
Blink Mini 2 vs. Ring Stick Up Cam Plug-In: Which budget security camera is best for you?
The Blink Mini 2 placed on two books.

Blink and Ring are two of the best-known security companies, and they're responsible for many of the best security cameras on the market. The Blink Mini 2 and the Ring Stick Up Cam Plug-In are popular choices for frugal shoppers, as they carry reasonable price tags, yet offer most of the features you'd expect from a well-rounded camera. But if you only need one, which is right for you -- the Blink Mini 2 or the Ring Stick Up Cam Plug-In? Here's a look at both to help you decide.
Pricing and monthly fees

The Blink Mini 2 is one of the most affordable security cameras money can buy. It clocks in at just $40, though Blink often slashes its price to just $30. If you'd like to use the camera outside, you can bundle in the Weather Resistant Adapter for a total of $50.  The Ring Stick Up Cam Plug-In is more expensive at $100, though with the launch of the Stick Up Cam Pro, it's typically available for $70.

Read more
Ring Pan-Tilt Indoor Cam vs. Wyze Cam Pan v3: Which is the better pan-tilt camera?
The Pan-Tilt mounted on a wall.

An indoor camera capable of panning and tilting is one of the best ways to improve the security of your home. These devices make it easy to capture all corners of a room with a single device, making them a cost-effective way to keep tabs on a property. The Wyze Cam Pan v3 is one of the cheapest options on the market, but Ring has recently launched its own Pan-Tilt Indoor Cam that's quickly become popular with shoppers.

But is the expensive Ring Pan-Tilt Indoor Cam better than the Wyze Cam Pan v3? Or should you save yourself a few bucks and opt for the cheaper security camera? Here's a look at both to help you decide.
Pricing and monthly fees

Read more
Arlo Pro 5S vs. Ring Stick Up Cam Pro: Which is the best premium security camera?
The Arlo Pro 5S installed outside on a wall.

Security cameras are available at all budget levels, and it's not hard to find something under $50 that'll do a decent job of protecting your home. But if you're serious about home security, you'll likely want to increase your budget. Doing so will get you a product with better resolution, a wealth of useful features, and weatherproof designs that will work either indoors or out in the elements. And when it comes to premium security cameras, few products are as popular as the Arlo Pro 5S 2K and Ring Stick Up Cam Pro.

Interested in adding one of these high-end cameras to your home? Here's a comprehensive look at the Arlo Pro 5S 2K and Ring Stick Up Cam Pro to help you decide which is best for your needs.
Pricing and monthly fees

Read more