Skip to main content

Ring’s defense of recent hacks is as shoddy as its security, lawyer claims

ring door bell illustration
Illustration: Chris DeGraw

After a series of Ring camera hacks, the Amazon-owned security company has claimed that any intrusions into its customers’ cameras or accounts were perpetrated by hackers who obtained login credentials from hacking forums or the dark web, not from the company’s database.

Lawyers representing some of the hacking victims in a class-action lawsuit against Ring told Digital Trends that their clients used unique passwords that could not have been hacked anywhere else.

Hassan Zavareei, a partner at Tycko & Zavareei LLP, a firm specializing in class-action and privacy litigation, said the defense that login information was taken from other, unrelated data breaches is “baseless and false.”

The class-action suit, filed January 3 in the U.S. District Court for the Central District of California, describes several graphic incidents in which the plaintiffs’ Ring cameras were hacked. They include an incident where a young girl was exposed to racist insults that the hacker yelled at her, and another case where a hacker accessed the doorbell camera of clients Todd Craig and Tania Amador, and threatened them with “termination” unless they paid him 50 bitcoin (about $436,000).

“We know that [Ring’s defense] is not accurate because our clients Todd Craig and Tania Amador each created a unique password for their Ring accounts that they did not use for other accounts,” said Zavareei. “Mr. Craig created a unique 16-character password, and Ms. Amador created a unique 14-character password. If Ring’s excuses were true, the hackers would not have gained access to their Ring accounts, because their username and password combinations were not associated with other online accounts.”

Ring’s track record

The class-action lawsuit alleges negligence, public disclosure of private facts, and intrusion, among other things. Lawyers for the plaintiffs say they’re expecting a third family to join the class action as well.

Previously, Ring has claimed little responsibility for the hacks, describing them as issues with individual users’ passwords, not Ring’s database.

“Ring has refused to take responsibility for the security of its own home security devices.”

“It is not uncommon for bad actors to harvest data from other company’s data breaches and create lists like this so that other bad actors can attempt to gain access to other services,” the company said in a statement to ABC News last month when asked about another, similar suit that it’s facing.

In December, a data leak exposed the personal information of more than 3,000 Ring users. At the time, Ring told Digital Trends that there was no evidence of a hack of its systems. Earlier in January, Ring told a group of U.S. senators that Ring employees improperly accessed doorbell videos on four separate occasions.


“Even in light of widespread reports of hacks and unauthorized access to devices, Ring has refused to take responsibility for the security of its own home security devices, and its role in compromising the privacy of its customers,” the suit says.

Ring is not the only home security camera company with security issues. Wyze, a Ring competitor, suffered a major data breach at the end of 2019 that affected millions of customers. It was caused in part by the lack of basic security features, experts said. Ring has also suffered a smaller leak, but has denied that its own systems were compromised.

“At Ring, our top priority is the safety and security of our customers,” Ring said in a statement to DT. “While we do not comment on ongoing litigation, it is important to note that there is no evidence that Ring’s systems or network were compromised. But we have taken the issues seriously and plan to launch new user privacy controls. We will continue our long-standing commitment to making our Ring devices even stronger and more secure than ever.”

‘Inadequate security’

Whatever Ring’s new upcoming user privacy controls are, lawyers representing hack victims said Ring’s own security system is not very secure in the first place.

“This is different than the typical data breach case where there’s a mass exfiltration of information,” Austin Moore, a partner at Stueve Siegel Hanson LLP, which is also litigating the case, told Digital Trends. “This goes more to inadequate security.”

“It’s very ironic. You buy [Ring] for security, and they end up opening the door into everybody’s homes.”

“I don’t understand why Ring didn’t implement standard basic security protocols that are known to be effective at preventing unauthorized access,” Moore said.

Moore also added that it was “complete speculation” by Ring that clients’ passwords were stolen from elsewhere, as opposed to hackers exploiting a basic flaw in Ring’s system.

According to both Moore and Zavareei, Ring does not require two-factor authentication, and does not lock out a user after multiple wrong password attempts. This means a hacker can run a simple script that tries combinations of alphanumeric codes an unlimited number of times until it finds the one that will allow a login, Zavareei said.

“There are so many basic security precautions that need to be added here,” Zavareei said. “This is one of the more egregious examples of a failure to protect a privacy interest. It’s very ironic. You buy them [Ring] for security, and they end up opening the door into everybody’s homes.”

Editors' Recommendations

Maya Shwayder
I'm a multimedia journalist currently based in New England. I previously worked for DW News/Deutsche Welle as an anchor and…
How to save Ring Doorbell video without a subscription
Ring Doorbell mounted outside a front door.

If you know anything about smart-home technology, you may know that some of the best purchases aren't just a one-time fee -- especially anything with cloud-based features. Ring, one of the big names in smart home surveillance, is no exception. Many of the company's Ring Video Doorbell features, including saving videos, require you to sign up for their monthly Ring Protect subscription. Even if you want to save videos that you've watched on your phone, you'll still need to subscribe.

Currently, the company offers three plans for recording and saving video from a Ring device. The basic plan lets you record video from one Ring product. The plus option will work for multiple products. If you're looking for more than just recording video, sign up for the company's pro plan, which includes video recording, 24/7 professional monitoring service for Ring Alarm, and a few more noteworthy features. For example, you can get a discount on your home insurance.

Read more
Arlo vs. Ring camera: Which is better?
5 things we hope ring always home cam could do lifestyle 1 of 4

If you’re looking for a smart home security system or maybe you already have some elements of a system and want to expand, you’re likely looking at both the Arlo and Ring systems. Both are well-known, popular, and easy-to-use DIY systems that are also affordable. But is one better than the other? We did a deep dive into both systems to see how they compare and differ. If you're thinking you want some security without investing in a new system, you can read about how to turn your old smartphone into a security camera.
Resolution and night video

Arlo sells both HD and higher 4K resolution video cameras, while Ring’s lineup is limited to only HD cameras and doorbells. If you’re looking for the absolute highest resolution video (to potentially use as evidence) you probably want to lean towards an Arlo camera, and specifically the Arlo Ultra 2.

Read more
 This all-in-one smart door boasts built-in Ring and Yale gadgets
masonite, smart door, ring , yale

Plenty of us think about our home's front door in terms of components, adding doorbells, peepholes, lighting, smart locks and the like, but rarely do we consider the door itself as a smart entity. Now, Masonite International is thinking about front doors in exactly that way, announcing today at CES 2022 that it’s making the first smart door for home use and partnering with two of the biggest names in smart entry tech to do it: Ring and Yale.

The cryptically named Masonite M-PwrTM Smart Doors are the first residential exterior doors to integrate power, LED lights, a Ring Video Doorbell, and a Yale smart lock into the door system, according to news released from the company. The fully integrated Ring Video Doorbells and Yale smart locks do not require individual device batteries, a significant change from the aftermarket consumer models most of us buy today.

Read more