Skip to main content

Ring’s defense of recent hacks is as shoddy as its security, lawyer claims

ring door bell illustration
Illustration: Chris DeGraw

After a series of Ring camera hacks, the Amazon-owned security company has claimed that any intrusions into its customers’ cameras or accounts were perpetrated by hackers who obtained login credentials from hacking forums or the dark web, not from the company’s database.

Lawyers representing some of the hacking victims in a class-action lawsuit against Ring told Digital Trends that their clients used unique passwords that could not have been hacked anywhere else.

Hassan Zavareei, a partner at Tycko & Zavareei LLP, a firm specializing in class-action and privacy litigation, said the defense that login information was taken from other, unrelated data breaches is “baseless and false.”

The class-action suit, filed January 3 in the U.S. District Court for the Central District of California, describes several graphic incidents in which the plaintiffs’ Ring cameras were hacked. They include an incident where a young girl was exposed to racist insults that the hacker yelled at her, and another case where a hacker accessed the doorbell camera of clients Todd Craig and Tania Amador, and threatened them with “termination” unless they paid him 50 bitcoin (about $436,000).

“We know that [Ring’s defense] is not accurate because our clients Todd Craig and Tania Amador each created a unique password for their Ring accounts that they did not use for other accounts,” said Zavareei. “Mr. Craig created a unique 16-character password, and Ms. Amador created a unique 14-character password. If Ring’s excuses were true, the hackers would not have gained access to their Ring accounts, because their username and password combinations were not associated with other online accounts.”

Ring’s track record

The class-action lawsuit alleges negligence, public disclosure of private facts, and intrusion, among other things. Lawyers for the plaintiffs say they’re expecting a third family to join the class action as well.

Previously, Ring has claimed little responsibility for the hacks, describing them as issues with individual users’ passwords, not Ring’s database.

“Ring has refused to take responsibility for the security of its own home security devices.”

“It is not uncommon for bad actors to harvest data from other company’s data breaches and create lists like this so that other bad actors can attempt to gain access to other services,” the company said in a statement to ABC News last month when asked about another, similar suit that it’s facing.

In December, a data leak exposed the personal information of more than 3,000 Ring users. At the time, Ring told Digital Trends that there was no evidence of a hack of its systems. Earlier in January, Ring told a group of U.S. senators that Ring employees improperly accessed doorbell videos on four separate occasions.


“Even in light of widespread reports of hacks and unauthorized access to devices, Ring has refused to take responsibility for the security of its own home security devices, and its role in compromising the privacy of its customers,” the suit says.

Ring is not the only home security camera company with security issues. Wyze, a Ring competitor, suffered a major data breach at the end of 2019 that affected millions of customers. It was caused in part by the lack of basic security features, experts said. Ring has also suffered a smaller leak, but has denied that its own systems were compromised.

“At Ring, our top priority is the safety and security of our customers,” Ring said in a statement to DT. “While we do not comment on ongoing litigation, it is important to note that there is no evidence that Ring’s systems or network were compromised. But we have taken the issues seriously and plan to launch new user privacy controls. We will continue our long-standing commitment to making our Ring devices even stronger and more secure than ever.”

‘Inadequate security’

Whatever Ring’s new upcoming user privacy controls are, lawyers representing hack victims said Ring’s own security system is not very secure in the first place.

“This is different than the typical data breach case where there’s a mass exfiltration of information,” Austin Moore, a partner at Stueve Siegel Hanson LLP, which is also litigating the case, told Digital Trends. “This goes more to inadequate security.”

“It’s very ironic. You buy [Ring] for security, and they end up opening the door into everybody’s homes.”

“I don’t understand why Ring didn’t implement standard basic security protocols that are known to be effective at preventing unauthorized access,” Moore said.

Moore also added that it was “complete speculation” by Ring that clients’ passwords were stolen from elsewhere, as opposed to hackers exploiting a basic flaw in Ring’s system.

According to both Moore and Zavareei, Ring does not require two-factor authentication, and does not lock out a user after multiple wrong password attempts. This means a hacker can run a simple script that tries combinations of alphanumeric codes an unlimited number of times until it finds the one that will allow a login, Zavareei said.

“There are so many basic security precautions that need to be added here,” Zavareei said. “This is one of the more egregious examples of a failure to protect a privacy interest. It’s very ironic. You buy them [Ring] for security, and they end up opening the door into everybody’s homes.”

Editors' Recommendations

Maya Shwayder
I'm a multimedia journalist currently based in New England. I previously worked for DW News/Deutsche Welle as an anchor and…
Does the Ring Stick Up Cam Pro rotate or swivel?
The Ring Stick Up Cam Pro on display the 2023 Amazon Fall Devices and Services event.

When it comes to home security, a good camera is worth its weight in gold. Unless a camera is reliable, captures clear pictures, and can send you alerts about your property, there's no reason to add it to your security system. One feature that makes security cameras extra appealing is their ability to rotate or swivel. This allows you to pan it around your home and get a 360-degree look at its surroundings.

The Ring Stick Up Cam Pro is undoubtedly one of the best security cameras, but can it rotate? Or will you be stuck looking in one spot without the option to remotely pan its viewing angle? Here's everything you need to know about whether the Ring Stick Up Cam Pro can rotate.
Does the Ring Stick Up Cam Pro rotate?

Read more
Ring Stick Up Cam Pro vs. Canary Pro: Which is the better security camera?
The Canary Pro next to the Ring Stick Up Cam pro

When it comes to premium indoor security cameras, few are as popular as the Ring Stick Up Cam Pro. Available in both wired and battery-powered formats, it’s a versatile camera that's well-suited for most home security systems. However, the lesser-known Canary Pro offers many of the same features as the Ring Stick Up Cam Pro -- yet is often on sale for a much lower price.

But is the Canary Pro better than the Ring Stick Up Cam Pro? Or should you just buy the popular Ring product? And, more importantly, what sort of ongoing monthly fees are required for these cameras? Here's a look at everything you need to know.
Pricing and monthly fees

Read more
Do you need a subscription for a Ring doorbell or camera?
The Ring Video Doorbell 3 installed near a door.

Anyone shopping for a DIY home security system has probably stumbled upon Ring. The company has an ever-growing lineup of cameras and video doorbells that are consistently ranked among the best available -- and since they're easy to set up and offer tons of functionality, it's no surprise they're so popular.

One thing to keep in mind when looking at Ring products is that you'll be on the hook for more than just the sticker price. Ring offers a monthly subscription service known as Ring Protect. Many of the best features for its cameras and video doorbells are locked behind this subscription plan, meaning owners who don't sign up will be missing out on important functionality.

Read more