Security & Fraud

Thousands Of Amazon Ring Passwords Leaked On Dark Web

A new security lapse has been involved with Amazon’s Ring security cameras this week.

On Tuesday (Dec. 17), a list of 1,562 Ring passwords and unique email addresses were uploaded to an unknown dark web text-sharing website, according to reports. The dark web site is frequently used for sharing stolen passwords and illegal information.

A security researcher found the passwords and email addresses on the dark web were all associated with Ring’s smart security video doorbell passwords.

He also identified that the same collection of passwords and email addresses could be used to log into Ring user accounts and access their video cameras. Hackers were able to view a Ring user’s time zone and know the exact location of their doorbells.

BuzzFeed News wrote on Thursday (Dec. 19) that a related collection of illegal data posted online were from more than 3,600 Ring doorbells.

Ring denied any claims that the company’s data was compromised.

“Our security team has investigated these incidents and we have no evidence of an unauthorized intrusion or compromise of Ring’s systems or network,” said a company spokesperson to BuzzFeed. “It is not uncommon for bad actors to harvest data from other company’s data breaches and create lists like this so that other bad actors can attempt to gain access to other services.”

The illicit data can give user access to hackers to gain control of Ring devices located in the customer’s home, including access to video data histories if settings are enabled.

To access any customer’s Ring account, anyone who holds a password and working email address is able to log into a person’s Ring account. They can then obtain a customer’s address, some payment information and phone number.

Recent reports from last week highlighted real hackers breaking into Ring video cameras throughout the U.S. On Tuesday (Dec. 17), Motherboard tested and confirmed the cameras had “shoddy” security measures. The company has also come under fire by lawmakers for having a close relationship with U.S. law enforcement agencies.

The latest news marks the home security and smart home company’s second reported leak to date. Ring’s spokesperson also added to BuzzFeed, the company will notify any customers who were affected in this incident, requiring them to reset their passwords.



The How We Shop Report, a PYMNTS collaboration with PayPal, aims to understand how consumers of all ages and incomes are shifting to shopping and paying online in the midst of the COVID-19 pandemic. Our research builds on a series of studies conducted since March, surveying more than 16,000 consumers on how their shopping habits and payments preferences are changing as the crisis continues. This report focuses on our latest survey of 2,163 respondents and examines how their increased appetite for online commerce and digital touchless methods, such as QR codes, contactless cards and digital wallets, is poised to shape the post-pandemic economy.