Source: Android Central
What you need to know
- The credentials and user data of 3,600 cameras have been leaked online.
- This includes log-in emails, passwords, and camera nicknames.
- An additional cache belonging to 1,500 users have also been discovered for sale on the dark web. It's not yet clear whether these are from the same data set or if it's an additional leak.
Smart home security firm, Ring has been caught in a cycle of screwup after screwup, but this one might just be the most egregious. The firm has, according to a report from Buzzfeed News, had the data of 3,600 users leaked online. This data included usernames, passwords, and information about the cameras like what they were named — hinting at their location in users' homes. Another leak of 1,500 users was also discovered for sale on the dark web (as reported by TechCrunch.) Much like the earlier leak, the data contained in was much of the same.
While Ring has yet to comment on the latter leak, a spokesperson told Buzzfeed the following regarding the former:
Ring has not had a data breach. Our security team has investigated these incidents and we have no evidence of an unauthorized intrusion or compromise of Ring's systems or network. It is not uncommon for bad actors to harvest data from other company's data breaches and create lists like this so that other bad actors can attempt to gain access to other services.
Ring's reasoning here is a bit confusing. It's true that on the one hand, you could argue that bad actors may have matched the credentials of Ring users to accounts originating from other breaches. On the other hand, as security researcher Cooper Quintin notes, the information in the dump contained Ring specific information that could not have come from another firm's credential dump. It's unlikely that a Gmail breach, for instance, would contain the nicknames and locations of a ring account. Ring may dispute a data breach through its spokespeople, but its explanation leaves something to be desired.
Smart cameras probably help more than they harm when it comes to home security, but like with all things security-oriented, it's only as strong as its weakest link. Ring's data breaches have, unfortunately, been eroding customer trust in the firm, and its response here can't possibly help matters. The best thing for current Ring users to do right now is to secure their devices as best as they can while the company gets its act together. Enabling two-factor authentication is probably a good start.
How to secure your Ring account with two-factor authentication (2FA)
The OnePlus 8 and 8 Pro will reportedly be announced next month
OnePlus' next flagship phones could be here as soon as next month..
The Google Play Store is getting a dark theme toggle
You may soon be able to switch between dark and light modes on the Play Store app with a dedicated theme toggle.
Are you going to use a screen protector on your Galaxy S20?
The Galaxy S20 has a gorgeous 120Hz AMOLED display, and keeping it safe is a must. If you're getting the phone, do you plan on picking up a screen protector to go along with it?
Make your smart home even smarter with these smart surge protectors
While it's important to have a surge protector for your more valuable electronics, "normal" surge protectors are boring. We have found some of the best surge protectors that are equipped with "smarts" like being controlled by Amazon Alexa or Google Assistant.
