With repeated reminders to secure your login credentials and use strong, unique passwords, it is easy to become complacent, or even dismissive of new reminders. Don’t be. A privacy intrusion can be every bit as harmful as a compromise of your financial information.
Millions of customers have purchased a Ring security system to guard against intruders. However, a recent lawsuit details alleged instances where the devices were hacked by strangers who taunted children, yelled obscenities and racial slurs, threatened to kill device owners, or demanded a hefty ransom via the two-way speaker system. In December, a video from one of the plaintiff’s Ring cameras made news because it showed a stranger hacking into the video feed and scaring an 8-year-old girl by playing music and speaking to her through the Ring device.
Not unlike other privacy breaches, apparently the intrusion was caused by user error, not a device malfunction. After investigating the incidents, Amazon stated that there was “no evidence of an unauthorized intrusion or compromise of Ring’s systems or network” and instead “malicious actors obtained some Ring users’ account credentials (e.g., username and password) from a separate, external, non-Ring service and reused them to log in to some Ring accounts.”
If you own any Internet of Things (IoT) device, including a Ring doorbell, take the same simple security steps you use to secure your online banking accounts:
- Enable two-factor authentication. Once enabled through the settings on the Ring app, if someone attempts to use your account on a new device, a code will be sent to your phone that needs to be entered into the app on the new device to gain access to the account.
- Use a unique, strong password for your Ring account. At least one hacker was able to gain access to a Ring account because the owners reused their passwords.
- Don’t share login information. If you ever need to give someone else access to your Ring equipment, you can add them as a shared user on the account without giving them the master account’s login information. However, you’ll want to make sure that any shared users are also using two-factor authentication and secure passwords.
Check out our series, Privacy Perils, to learn what steps you can take to guard your personal and company data. For more information about this topic and other cyber security concerns, please contact Bob Brewer, Tony McFarland, Elizabeth Warren or a member of our Privacy & Data Security team.