Endpoint Security , Fraud Management & Cybercrime , Social Media

Ring Login Issues Wednesday Stem From System Error, Not Hack

A System Error Fueled Ring's Login Issues Wednesday Despite Tweets to the Contrary
Ring Login Issues Wednesday Stem From System Error, Not Hack
Photo: Ring

Amazon pushed back Wednesday on social media buzz that hackers penetrated the network of home surveillance device Ring, attributing consumer logon errors to a back-end system error made during a routine system update.

See Also: Top Cybercrime Tactics and Techniques; Attention-grabbing Threats in Q1 2017

Security researcher Kevin Beaumont tweeted a screenshot of a self-described Ring user who has 34 followers and who wrote "@ring, my account was hacked and I can't recover my account the hacker is making vulgar comments towards me and my neighbors through the door bell."

The user, Aaron Manville, responded to an online comment four minutes later, stating, "I believe they are hacked someone has been making vulgar and nasty comments towards me and my neighbors through my door bell camera." Ring also responded to Manville's original tweet, asking him to send the Amazon subsidiary a direct message with additional details.

A Ring spokesperson told Information Security Media Group that as of late afternoon Wednesday, the company is unable to confirm if Manville is a customer.

It is true that some users were unable to log into their accounts, the spokesperson acknowledged. The service interruption didn't stem from a hack and has been resolved, the company says.

Ring's Security Practices in the Crosshairs

If hackers did manage to get inside a Ring device today, it wouldn't be the first time. The Washington Post reported in 2019 that several Ring users reported their systems had been infiltrated by hackers who harassed them through the camera's two-way talk feature, including a man who repeatedly directed racial slurs at an 8-year-old via a Ring device in her bedroom.

A spokesperson for Ring told the Post at the time that what happened to the girl didn't stem from a breach or compromise of Ring's security. Instead, the bad actors reused credentials stolen or leaked from other services. That's the same explanation Ring provided in December 2019 after hackers told a Texas couple to pay a ransom or "get terminated."

That same month, Motherboard found that Ring's software did not implement basic security features, allowing the publication to access a Ring account from IP addresses based in multiple countries without warning the user. In response, Ring encouraged its users to follow security best practices to ensure their accounts stay secure.

In early 2020, Ring began mandating the use of multifactor authentication for all users to help stop the takeover of the web-connected home security cameras. At the same time, the company launched a Control Center to help users see if they have multifactor authentication enabled, what devices are connected to their accounts, and what third-party services have access.

About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.