cyber Breach

Ring

Jul 5, 2022 1 min read
Ring

A security flaw in Ring’s Neighbors app exposed the precise locations and home addresses of users who had posted to the app.

It included the videos taken by Ring doorbells and security cameras and the bug made it possible to retrieve the location data of users who posted to the app.

The bug retrieved the hidden data, including the user’s latitude and longitude and their home address, from Ring’s servers.

The hackers also created tools to break into Ring accounts and over 1,500 user account passwords were found on the dark web.

Source: https://techcrunch.com/2021/01/14/ring-neighbors-exposed-locations-addresses/

TPRM report: https://scoringcyber.rankiteo.com/company/ring-labs

"id": "rin01518622",
"linkid": "ring-labs",
"type": "Breach",
"date": "01/2021",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'Technology',
                        'name': 'Ring',
                        'type': 'Company'}],
 'attack_vector': 'Exploitation of Software Vulnerability',
 'data_breach': {'data_exfiltration': True,
                 'number_of_records_exposed': 1500,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Home addresses',
                                              'Latitude and longitude',
                                              'User account passwords']},
 'description': 'A security flaw in Ring’s Neighbors app exposed the precise '
                'locations and home addresses of users who had posted to the '
                'app. It included the videos taken by Ring doorbells and '
                'security cameras and the bug made it possible to retrieve the '
                'location data of users who posted to the app. The bug '
                'retrieved the hidden data, including the user’s latitude and '
                'longitude and their home address, from Ring’s servers. The '
                'hackers also created tools to break into Ring accounts and '
                'over 1,500 user account passwords were found on the dark web.',
 'impact': {'data_compromised': ['Home addresses',
                                 'Latitude and longitude',
                                 'User account passwords'],
            'systems_affected': 'Ring Neighbors app'},
 'initial_access_broker': {'data_sold_on_dark_web': True,
                           'entry_point': 'Security flaw in Neighbors app'},
 'motivation': 'Data Theft',
 'threat_actor': 'Hackers',
 'title': 'Ring Neighbors App Security Flaw',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Security flaw in Neighbors app'}
Published by
Harshit Kaur Bhatia
Harshit Kaur Bhatia
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.