Many people were terrified to hear the story in December 2019 about a couple who discovered someone had hacked the Ring camera in their 8 year-old daughter’s bedroom and had been talking to their daughter through the build-in speaker. Original article: https://www.nytimes.com/2019/12/15/us/Hacked-ring-home-security-cameras.html
After the hack (and many others that subsequently came to light), Ring came out and essentially blamed users for the hacks, stating that their internal security and data systems had NOT been compromised. The company blamed users for re-using old passwords and explained that hackers had been able to infiltrate the cameras the fashioned way, by using users’ login credentials to gain access to their devices.
A new class action lawsuit alleges this is false. The parents of the 8 year old girl mentioned in the original article are part of this lawsuit, as are a couple who both say they used unique 14 and 16 character passwords for their Ring security cameras. The couple’s Ring camera was hacked in December with hackers blaring sirens and demanding they pay a 50 bitcoin ransom.
https://www.vox.com/recode/2020/1/17/21068703/amazon-ring-hacks-lawsuit-passwords
While there is no final answer yet regarding whether this series of Ring camera hacks was the result of an internal Ring security issue or due to users’ login credentials being compromised, this story highlights a common theme in the area of technology and privacy whereby technology companies attempt to deflect blame for data breaches by shifting the onus onto the consumer. While end-users may sometimes be rightfully to blame in the strictest sense of the term, tech companies bear some responsibility for creating products and services that are perhaps too complicated for the average person to actually use in a secure and safe way. Until government regulation challenges tech companies to take responsibility for these kinds of issues, consumers ultimately pay the price.