Amazon’s Ring Security Camera
Amazon’s Ring Security Camera | |
---|---|
Short Title | Amazon’s Ring Security Camera Was Found to Have Security Vulnerabilities |
Location | Global |
Date | 2020 |
Solove Harm | Insecurity, Secondary Use |
Information | Identifying, Physical Characteristics, Computer Device, Contact |
Threat Actors | Amazon |
Individuals | |
Affected | Users of Ring security cameras |
High Risk Groups | |
Tangible Harms |
The data of users of Amazon’s Ring security cameras were found to be not protected enough. Employees had access to customers’ videos, and hackers were able to hijack the cameras of multiple families.
Description
Ring Inc. is a company owned by Amazon that is specialized in home security and that produces an internet-connected doorbell camera to let users watch live videos of their homes through an app. The app requires registration with email and a password.
In 2020 Ring camera was found to have paradoxically low-security standards concerning users' data. It appeared that employees of the company had access to customers’ videos. Insecurity The company had to fire 4 employees over a few years for watching customers’ videos. Another Insecurity example is that in December 2019 hackers were able to hijack the Ring cameras of multiple families, using the devices’ speakers to verbally assault some of them.
In reaction to that in 2020 Ring announced new security protocols, such as mandating two-factor verification to log into one’s account to access the footage.
Another violation that was identified is Secondary Use, as researches found hidden code, that was using invisible trackers to send users’ data to third-party marketing and analytics firms.
When the issue was addressed, the company reacted, that they were “temporarily pausing the use of most third-party analytics services in the Ring apps and website” and working on tools for people to opt-out of this type of data sharing.