Hackers accessed Ring security cameras in Florida and Tennessee over the last few days and communicated with children, raising questions about the safety of the devices made by the Amazon subsidiary.
— WMC Action News 5 (@WMCActionNews5) December 11, 2019
In Tennessee, a hacker broke into a Ring camera only four days after it was purchased on Black Friday. The camera was placed in a room shared by three girls, and the hacker used it to harass an eight-year-old girl.
In the video, the hacker told the girl he was Santa Claus. WMC5 reported the hacker encouraged destructive behavior before the girl’s father intervened.
A similar incident was reported in Florida earlier this week. In this instance, a hacker accessed the camera and began making racist comments toward a 15-year-old boy.
This sounds like a nightmare but it happened in real life to a Cape Coral family. Their Ring camera inside their home was hacked.
— Cristina Mendez (@CrisMendezTV) December 10, 2019
Amazon-owned Ring makes a series of connected security cameras, complementing its flagship smart doorbells. Vice’s Motherboard reported that hackers have created software specifically for breaking into Ring security cameras and are spreading it via online forums. The site also unearthed a podcast where hackers break into Ring security cameras and harass their owners on the show.
These hackers take advantage of weak password security on the Ring account to infiltrate the devices. Ring offers extra security measures, such as two-factor authentication, however it doesn’t require customers to use them, Motherboard notes. In at least one of the two hacks reported this week, the device was not secured with two-factor authentication.
We’ve reached out to Ring for more information on the incidents, and we will update this post if we hear back. Ring offered identical statements to news organizations reporting the two hacks this week.
Customer trust is important to us and we take the security of our devices seriously. While we are still investigating this issue and are taking appropriate steps to protect our devices based on our investigation, we are able to confirm this incident is in no way related to a breach or compromise of Ring’s security.
Due to the fact that customers often use the same username and password for their various accounts and subscriptions, bad actors often re-use credentials stolen or leaked from one service on other services. As a precaution, we highly and openly encourage all Ring users to enable two-factor authentication on their Ring account, add Shared Users (instead of sharing login credentials), use strong passwords, and regularly change their passwords.