Ring Is Making Extra Security Mandatory After Hacks, Lawsuit

Tami Abdollah

Tami Abdollah was dot.LA's senior technology reporter. She was previously a national security and cybersecurity reporter for The Associated Press in Washington, D.C. She's been a reporter for the AP in Los Angeles, the Los Angeles Times and for L.A.'s NPR affiliate KPCC. Abdollah spent nearly a year in Iraq as a U.S. government contractor. A native Angeleno, she's traveled the world on $5 a day, taught trad climbing safety classes and is an avid mountaineer. Follow her on Twitter.

Ring Is Making Extra Security Mandatory After Hacks, Lawsuit

Ring unveiled new security steps for customers when logging into their doorbell camera accounts, making two-factor authentication mandatory as the Santa Monica-based company battles criticism about privacy and unauthorized access to its technology.

The Amazon-owned company said in a blog post on Tuesday that the change is now rolling out to customers, and adds authentication to help "prevent unauthorized users from gaining access to your Ring account, even if they have your username and password." Users receive a one-time, six-digit code via SMS or email, and must enter that in before they can access the Ring account.

The beefed-up security measures come in response to a slew of reports of hacks, including one where a hacker was able to watch and communicate with an 8 year-old girl. The Amazon.com, Inc.-owned company unveiled its new privacy dashboard at the start of 2020 that allows people to see who has access to their device, but did not make two-factor authentication mandatory at the time.

"Our account safety and security is our priority," said Leila Rouhi, Ring's president. "We will stay vigilant and continue to give you more transparency and control over your devices and personal information, and help keep your home and Ring account secure and protected."

The authentication change also comes as a new federal lawsuit looms about privacy concerns. Amazon.com and Ring were sued in federal court in Los Angeles on Dec. 26, by a man who said his kids were playing basketball when a voice came on their Ring device's two-way speaker system commenting on their play and encouraging them to get closer to the camera. The plaintiff, John Baker Orange of Jefferson County, Alabama, then changed his password and enabled two-factor authentication. His password was previously "medium-strong" the lawsuit states.

The lawsuit filed as a class action states that the company has "attempted to distance itself from liability by blaming customers for failing to create strong security passwords" when their devices are hacked. But "it is Ring who failed to provide sufficiently robust security measures such as two-factor authentication and other protocols necessary to maintain the integrity and inviolability of its cameras.

"As a result of Ring's defective design, and its failure to imbue its WiFi cameras with sufficient security protocols, its customers' most basic privacy rights were violated along with the security and sanctity of their homes."

More recently, the company has been hit with criticisms about its sharing of user data with third-party service providers. Rouhi noted that the company will immediately put a temporary pause on the use of "most" third-party analytics services in the Ring apps and websites, while it works on giving users abilities to opt out of sharing their data with third-parties. Those additional options will be available in early Spring, Rouhi wrote.

Beginning this week, users will be able to opt out of sharing their information with third-party service providers for personalized ads.

Image courtesy of Ring

An image of the new required two-factor authentication that will greet users when they go to login to the Ring app. They will receive a unique six-number code via text or email to enter into their phone.

"You might think you built this amount of trust with Ring because there's this app that protects the home. But in reality they're sending that data to third parties, they're partnering with law enforcement across the country without their customer knowledge, they've been the subject of hacks that have revealed user passwords, and then they blame the customer for it," said William Budington, a senior staff technologist for the Electronic Frontier Foundation, a nonprofit digital rights advocacy group, in a recent interview with dot.LA.


Do you have a story that needs to be told? My DMs are open on Twitter @latams. You can also email me, or ask for my Signal.


Subscribe to our newsletter to catch every headline.


How Real-Time Data Is Helping Physicians Track Their Patients, One Heartbeat at a Time

S.C. Stuart
S.C. Stuart is a foreign correspondent (ELLE China, Esquire Latin America), Contributing Writer at Ziff Davis PCMag, and consults as a futurist for Hollywood Studios. Previously, S.C. was the head of digital at Hearst Magazines International while serving as a Non-Executive Director, UK Trade & Investment (US) and Digital Advisor at The Smithsonian.
How Real-Time Data Is Helping Physicians Track Their Patients, One Heartbeat at a Time

Are you a human node on a health-based digital network?

According to research from Insider Intelligence, the U.S. smart wearable user market is poised to grow 25.5% in 2023. Which is to say, there are an increasing number of Angelenos walking around this city whose vital signs can be tracked day and night via their doctor's digital device. If you've signed up to a health-based portal via a workplace insurance scheme, or through a primary care provider's portal which utilizes Google Fit, you’re one of them.

Do you know your baseline health status and resting heartbeat? Can you track your pulse, and take your own blood pressure? Have you received genetic counseling based on the sequencing of your genome? Do you avoid dairy because it bloats, or because you know you possess the variant that indicates lactose intolerance?

Read moreShow less

Who Will Win LA's E-scooter Wars?

Maylin Tu
Maylin Tu is a freelance writer who lives in L.A. She writes about scooters, bikes and micro-mobility. Find her hovering by the cheese at your next local tech mixer.
Who Will Win LA's E-scooter Wars?
Evan Xie

Los Angeles — it’s not just beautiful weather, traffic and the Hollywood Walk of Fame — it’s also the largest shared micromobility market in the U.S. with six operators permitted to deploy up to 6,000 vehicles each.

And despite the open market policy, the competition shows no signs of slowing down.

Read moreShow less