Several Ring home cameras breached, recycled passwords likely to blame
Multiple reports have surfaced this month from Ring home camera users stating that unknown parties have been able to access the devices. Four families in Mississippi, Connecticut, Florida, and Georgia have all said that hackers turned on their Ring cameras or used the built-in speakers to make contact with members of their households.
Many families use Ring’s internet-connected cameras to monitor rooms in their houses, particularly children’s rooms, for an added sense of security. However, it seems that malicious parties or pranksters were able to access those same cameras to spy on and terrorize members of the households, including children.
Ring investigated the claims but found “no evidence of an unauthorized intrusion or compromise of Ring’s systems or network.” Rather, the company blames an external leak of user data that breached non-Ring services. Those breaches likely leaked usernames and passwords that had also been used for the families’ Ring cameras.
Herein lies one of the key weaknesses of the Internet of Things (IoT) and connected devices. If users recycle usernames and passwords, it’s more likely that their credentials can fall into the hands of bad actors through the myriad of data breaches that occur each year. That gives malicious parties easy access to connected devices that rely on the same authentication. IoT devices are typically much more personal than most online accounts as they operate within the users’ homes and often interact directly with people and members of the household.
If you have an IoT device like a Ring camera, smart speaker, or other smarthome device, it’s paramount that you use separate usernames and passwords for each. This will help to prevent unknown parties from gaining easy access to the device. Keep in mind that no system is 100% secure, so full caution should be taken before setting up an IoT device in your home.