Some of Our Sources
- TutsPlus - Code
- Pearsonified
- Naldz Graphics
- My Ink Blog
- Line 25
- Wal You
- CSS Tricks
- Spyre Studios
- Design Modo
- Willems Lab
Help Webnuz
Referal links:
December 19, 2019 11:30 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/BBXa7I82yfE/a-data-leak-exposed-the-personal-info-of-over-3000-ring-users
A Data Leak Exposed the Personal Info of Over 3,000 Ring Users
The log-in credentials for 3,672 Ring camera owners were compromised this week, exposing log-in emails, passwords, time zones, and the names people give to specific Ring cameras, which are often the same as camera locations, such as "bedroom" or "front door." BuzzFeed News reports: Using the log-in email and password, an intruder could access a Ring customer's home address, telephone number, and payment information, including the kind of card they have, and its last four digits and security code. An intruder could also access live camera footage from all active Ring cameras associated with an account, as well as a 30- to 60-day video history, depending on the user's cloud storage plan. We don't know how this tranche of customer information was leaked. Ring denies any claims that the data was compromised as a part of a breach of Ring's systems. A Ring spokesperson declined to tell BuzzFeed News when it became aware of the leak or whether it affected a third party that Ring uses to provide its services. Security experts told BuzzFeed News that the format of the leaked data -- which includes username, password, camera name, and time zone in a standardized format -- suggests it was taken from a company database. They said data obtained via credential stuffing -- when previously-compromised emails and passwords are used to get access to other accounts -- would likely not display Ring-specific data like camera names or time zone. BuzzFeed News was alerted to the leak by a security researcher, who claimed he used a web crawler to search the internet for any data leaks pertaining to Ring accounts. The security researcher found the list of compromised credentials posted anonymously on a text storage site. "Ring has not had a data breach. Our security team has investigated these incidents and we have no evidence of an unauthorized intrusion or compromise of Ring's systems or network," a Ring spokesperson said. "It is not uncommon for bad actors to harvest data from other company's data breaches and create lists like this so that other bad actors can attempt to gain access to other services."Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/BBXa7I82yfE/a-data-leak-exposed-the-personal-info-of-over-3000-ring-users
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot