What you need to know
- The credentials and user data of 3,600 cameras have been leaked online.
- This includes log-in emails, passwords, and camera nicknames.
- An additional cache belonging to 1,500 users have also been discovered for sale on the dark web. It's not yet clear whether these are from the same data set or if it's an additional leak.
Smart home security firm, Ring has been caught in a cycle of screwup after screwup, but this one might just be the most egregious. The firm has, according to a report from Buzzfeed News, had the data of 3,600 users leaked online. This data included usernames, passwords, and information about the cameras like what they were named — hinting at their location in users' homes. Another leak of 1,500 users was also discovered for sale on the dark web (as reported by TechCrunch.) Much like the earlier leak, the data contained in was much of the same.
While Ring has yet to comment on the latter leak, a spokesperson told Buzzfeed the following regarding the former:
Ring has not had a data breach. Our security team has investigated these incidents and we have no evidence of an unauthorized intrusion or compromise of Ring's systems or network. It is not uncommon for bad actors to harvest data from other company's data breaches and create lists like this so that other bad actors can attempt to gain access to other services.
Ring's reasoning here is a bit confusing. It's true that on the one hand, you could argue that bad actors may have matched the credentials of Ring users to accounts originating from other breaches. On the other hand, as security researcher Cooper Quintin notes, the information in the dump contained Ring specific information that could not have come from another firm's credential dump. It's unlikely that a Gmail breach, for instance, would contain the nicknames and locations of a ring account. Ring may dispute a data breach through its spokespeople, but its explanation leaves something to be desired.
Smart cameras probably help more than they harm when it comes to home security, but like with all things security-oriented, it's only as strong as its weakest link. Ring's data breaches have, unfortunately, been eroding customer trust in the firm, and its response here can't possibly help matters. The best thing for current Ring users to do right now is to secure their devices as best as they can while the company gets its act together. Enabling two-factor authentication is probably a good start.
Could you replace your home internet with just your phone's data plan?
In-home internet is an expensive monthly bill. If you had to, could you cancel it and rely solely on your phone's data plan?
Qualcomm's new wearables chip is still generations behind the competition
The Snapdragon 4100 series is a big improvement over what we had before, but is still literally generations behind the competition — and it's going to show in the consumer products.
ASUS to unveil the ROG Phone 3 at a ‘Game Changer’ event on July 22
The much-awaited ASUS ROG Phone 3 will break cover at the company's 'Game Changer' event on July 22. ASUS' upcoming flagship gaming phone is expected to be powered by Qualcomm's unannounced Snapdragon 865+ chipset.
Keep your products safe and take make your home even smarter with these
While it's important to have a surge protector for your more valuable electronics, "normal" surge protectors are boring. We have found some of the best surge protectors that are equipped with "smarts" like being controlled by Amazon Alexa or Google Assistant.