Ring Is Making Extra Security Mandatory After Hacks, Lawsuit

Ring Is Making Extra Security Mandatory After Hacks, Lawsuit

Ring unveiled new security steps for customers when logging into their doorbell camera accounts, making two-factor authentication mandatory as the Santa Monica-based company battles criticism about privacy and unauthorized access to its technology.

The Amazon-owned company said in a blog post on Tuesday that the change is now rolling out to customers, and adds authentication to help "prevent unauthorized users from gaining access to your Ring account, even if they have your username and password." Users receive a one-time, six-digit code via SMS or email, and must enter that in before they can access the Ring account.

The beefed-up security measures come in response to a slew of reports of hacks, including one where a hacker was able to watch and communicate with an 8 year-old girl. The Amazon.com, Inc.-owned company unveiled its new privacy dashboard at the start of 2020 that allows people to see who has access to their device, but did not make two-factor authentication mandatory at the time.

"Our account safety and security is our priority," said Leila Rouhi, Ring's president. "We will stay vigilant and continue to give you more transparency and control over your devices and personal information, and help keep your home and Ring account secure and protected."

The authentication change also comes as a new federal lawsuit looms about privacy concerns. Amazon.com and Ring were sued in federal court in Los Angeles on Dec. 26, by a man who said his kids were playing basketball when a voice came on their Ring device's two-way speaker system commenting on their play and encouraging them to get closer to the camera. The plaintiff, John Baker Orange of Jefferson County, Alabama, then changed his password and enabled two-factor authentication. His password was previously "medium-strong" the lawsuit states.

The lawsuit filed as a class action states that the company has "attempted to distance itself from liability by blaming customers for failing to create strong security passwords" when their devices are hacked. But "it is Ring who failed to provide sufficiently robust security measures such as two-factor authentication and other protocols necessary to maintain the integrity and inviolability of its cameras.

"As a result of Ring's defective design, and its failure to imbue its WiFi cameras with sufficient security protocols, its customers' most basic privacy rights were violated along with the security and sanctity of their homes."

More recently, the company has been hit with criticisms about its sharing of user data with third-party service providers. Rouhi noted that the company will immediately put a temporary pause on the use of "most" third-party analytics services in the Ring apps and websites, while it works on giving users abilities to opt out of sharing their data with third-parties. Those additional options will be available in early Spring, Rouhi wrote.

Beginning this week, users will be able to opt out of sharing their information with third-party service providers for personalized ads.

Image courtesy of Ring

A look at the Ring app "Control Center" and how to inform the company as to whether two-step verification should be sent as an SMS or email.

"You might think you built this amount of trust with Ring because there's this app that protects the home. But in reality they're sending that data to third parties, they're partnering with law enforcement across the country without their customer knowledge, they've been the subject of hacks that have revealed user passwords, and then they blame the customer for it," said William Budington, a senior staff technologist for the Electronic Frontier Foundation, a nonprofit digital rights advocacy group, in a recent interview with dot.LA.


Do you have a story that needs to be told? My DMs are open on Twitter @latams. You can also email me, or ask for my Signal.

Subscribe to our newsletter to catch every headline.

On this week's episode of Office Hours, you'll hear from Gregg Renfrew, serial entrepreneur and founder of clean beauty company, Beauty Counter. She also serves on the board of directors of Supernova, my special purpose acquisition company.

Read more Show less

Despite — or in many cases because of — the raging pandemic, 2020 was a great year for many tech startups. It turned out to be an ideal time to be in the video game business, developing a streaming ecommerce platform for Gen Z, or helping restaurants with their online ordering.

But which companies in Southern California had the best year? That is highly subjective of course. But in an attempt to highlight who's hot, we asked dozens of the region's top VCs to weigh in.

We wanted to know what companies they wish they would have invested in if they could go back and do it all over again.

Read more Show less