Cyber AttacksData Breaches

Amazon’s Ring let employees unrestricted access to customer videos

0

Amazon’s Ring security cameras had supposedly given unrestricted access to the company’s Ukraine-based research and development team and also the U.S. executives and engineers virtually round the clock to the customers live video feeds.

The employees were able to access a folder on Amazon’s S3 cloud storage service which has every video created by all the Ring cameras around the world. All these videos could be searched by using the customer’s email address. However, Ring denied this issue.

A database that linked each video to the respective Ring customer was also given to the team. While they were given access to the videos it was stored in unencrypted form.

Reports says that the decision to give access to the Ukraine team was due to the weaknesses of the firm’s in-house facial and object recognition software which had some issues in distinguishing the differences between people and animals that leads to giving false alerts to customers.

According to the source, they claim that they haven’t personally witnessed any abuse of data. A Ring spokesperson denied the claims and stated that they have not provided any of their employees with access to livestreams of Ring devices.

They consider the privacy and security of their customers seriously and to improve their service they have viewed and annotated some Ring video recording but they are all recordings sourced exclusively from publicly shared Ring videos from the Neighbors app and also from few Ring users who have given them written consent to allow access and use their videos.

This is not the first time Ring has been accused of violations of privacy. Last May it was reported that the company has a security flaw that let users logged into Ring’s app to maintain access to the account even after changing the password. The company was acquired by Amazon last year in a deal reportedly valued at around $1 billion.

Priyanka R
Cyber Security Enthusiast, Security Blogger, Technical Editor, Author at Cyber Safe News

    Modlishka Tool can bypass two-factor authentication

    Previous article

    Cryptopia cryptocurrency exchange hit by security breach

    Next article

    You may also like

    Comments

    Leave a reply

    Your email address will not be published. Required fields are marked *