Ring Is Making Extra Security Mandatory After Hacks, Lawsuit

Tami Abdollah

Tami Abdollah was dot.LA's senior technology reporter. She was previously a national security and cybersecurity reporter for The Associated Press in Washington, D.C. She's been a reporter for the AP in Los Angeles, the Los Angeles Times and for L.A.'s NPR affiliate KPCC. Abdollah spent nearly a year in Iraq as a U.S. government contractor. A native Angeleno, she's traveled the world on $5 a day, taught trad climbing safety classes and is an avid mountaineer. Follow her on Twitter.

Ring Is Making Extra Security Mandatory After Hacks, Lawsuit

Ring unveiled new security steps for customers when logging into their doorbell camera accounts, making two-factor authentication mandatory as the Santa Monica-based company battles criticism about privacy and unauthorized access to its technology.

The Amazon-owned company said in a blog post on Tuesday that the change is now rolling out to customers, and adds authentication to help "prevent unauthorized users from gaining access to your Ring account, even if they have your username and password." Users receive a one-time, six-digit code via SMS or email, and must enter that in before they can access the Ring account.


The beefed-up security measures come in response to a slew of reports of hacks, including one where a hacker was able to watch and communicate with an 8 year-old girl. The Amazon.com, Inc.-owned company unveiled its new privacy dashboard at the start of 2020 that allows people to see who has access to their device, but did not make two-factor authentication mandatory at the time.

"Our account safety and security is our priority," said Leila Rouhi, Ring's president. "We will stay vigilant and continue to give you more transparency and control over your devices and personal information, and help keep your home and Ring account secure and protected."

The authentication change also comes as a new federal lawsuit looms about privacy concerns. Amazon.com and Ring were sued in federal court in Los Angeles on Dec. 26, by a man who said his kids were playing basketball when a voice came on their Ring device's two-way speaker system commenting on their play and encouraging them to get closer to the camera. The plaintiff, John Baker Orange of Jefferson County, Alabama, then changed his password and enabled two-factor authentication. His password was previously "medium-strong" the lawsuit states.

The lawsuit filed as a class action states that the company has "attempted to distance itself from liability by blaming customers for failing to create strong security passwords" when their devices are hacked. But "it is Ring who failed to provide sufficiently robust security measures such as two-factor authentication and other protocols necessary to maintain the integrity and inviolability of its cameras.

"As a result of Ring's defective design, and its failure to imbue its WiFi cameras with sufficient security protocols, its customers' most basic privacy rights were violated along with the security and sanctity of their homes."

More recently, the company has been hit with criticisms about its sharing of user data with third-party service providers. Rouhi noted that the company will immediately put a temporary pause on the use of "most" third-party analytics services in the Ring apps and websites, while it works on giving users abilities to opt out of sharing their data with third-parties. Those additional options will be available in early Spring, Rouhi wrote.

Beginning this week, users will be able to opt out of sharing their information with third-party service providers for personalized ads.

Image courtesy of Ring

An image of the new required two-factor authentication that will greet users when they go to login to the Ring app. They will receive a unique six-number code via text or email to enter into their phone.

"You might think you built this amount of trust with Ring because there's this app that protects the home. But in reality they're sending that data to third parties, they're partnering with law enforcement across the country without their customer knowledge, they've been the subject of hacks that have revealed user passwords, and then they blame the customer for it," said William Budington, a senior staff technologist for the Electronic Frontier Foundation, a nonprofit digital rights advocacy group, in a recent interview with dot.LA.

__

Do you have a story that needs to be told? My DMs are open on Twitter @latams. You can also email me, or ask for my Signal.

tami@dot.la

Subscribe to our newsletter to catch every headline.

Cadence

Genies Wants To Help Creators Build ‘Avatar Ecosystems’

Christian Hetrick

Christian Hetrick is dot.LA's Entertainment Tech Reporter. He was formerly a business reporter for the Philadelphia Inquirer and reported on New Jersey politics for the Observer and the Press of Atlantic City.

Genies Wants To Help Creators Build ‘Avatar Ecosystems’

When avatar startup Genies raised $150 million in April, the company released an unusual message to the public: “Farewell.”

The Marina del Rey-based unicorn, which makes cartoon-like avatars for celebrities and aims to “build an avatar for every single person on Earth,” didn’t go under. Rather, Genies announced it would stay quiet for a while to focus on building avatar-creation products.

Genies representatives told dot.LA that the firm is now seeking more creators to try its creation tools for 3D avatars, digital fashion items and virtual experiences. On Thursday, the startup launched a three-week program called DIY Collective, which will mentor and financially support up-and-coming creatives.

Read moreShow less

Here's What To Expect At LA Tech Week

Christian Hetrick

Christian Hetrick is dot.LA's Entertainment Tech Reporter. He was formerly a business reporter for the Philadelphia Inquirer and reported on New Jersey politics for the Observer and the Press of Atlantic City.

Here's What To Expect At LA Tech Week

LA Tech Week—a weeklong showcase of the region’s growing startup ecosystem—is coming this August.

The seven-day series of events, from Aug. 15 through Aug. 21, is a chance for the Los Angeles startup community to network, share insights and pitch themselves to investors. It comes a year after hundreds of people gathered for a similar event that allowed the L.A. tech community—often in the shadow of Silicon Valley—to flex its muscles.

From fireside chats with prominent founders to a panel on aerospace, here are some highlights from the roughly 30 events happening during LA Tech Week, including one hosted by dot.LA.

Read moreShow less

Behind Her Empire: AAVRANI Co-Founder Rooshy Roy On Redefining Success and Embracing Identity

Yasmin Nouri

Yasmin is the host of the "Behind Her Empire" podcast, focused on highlighting self-made women leaders and entrepreneurs and how they tackle their career, money, family and life.

Each episode covers their unique hero's journey and what it really takes to build an empire with key lessons learned along the way. The goal of the series is to empower you to see what's possible & inspire you to create financial freedom in your own life.

AAVRANI Co-Founder Rooshy Roy
Photo courtesy of AAVRANI

Growing up in the suburbs of Detroit, Rooshy Roy said, as the only Indian girl in school, she spent a lot of time feeling like an outsider and like she wasn’t meeting others’ expectations of “how an Indian girl should behave.”

Flash forward 20 years, and the differences Roy was once ashamed of are now the inspiration for her skincare company.

Read moreShow less
RELATEDEDITOR'S PICKS
LA TECH JOBS
interchangeLA
Trending