Cyber Attack cyber

Ring

Jul 22, 2025 1 min read
Ring

Ring, a subsidiary of Amazon, faced a significant issue on May 28th when customers reported unauthorized devices logged into their accounts from various locations worldwide. While Ring attributed this to a backend update bug, customers remained skeptical, citing unknown devices and strange IP addresses. The company's explanation was met with disbelief, as users saw logins from countries they had never visited and devices they did not recognize. Additionally, some users reported live view activity during times when no one accessed the app and missed security alerts or multi-factor authentication prompts. Ring's lack of clarity and the persistence of the issue have raised concerns among customers about potential security breaches.

Source: https://www.bleepingcomputer.com/news/security/ring-denies-breach-after-users-report-suspicious-logins/

TPRM report: https://scoringcyber.rankiteo.com/company/ring-labs

"id": "rin709072225",
"linkid": "ring-labs",
"type": "Cyber Attack",
"date": "7/2025",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
{'affected_entities': [{'industry': 'Technology',
                        'name': 'Ring',
                        'type': 'Company'}],
 'attack_vector': 'Backend Update Bug',
 'customer_advisories': ['Ring users should review authorized devices from the '
                         "app's Control Center > Authorized Client Devices "
                         'section. If any devices or logins are not '
                         'recognized, they should be removed immediately.'],
 'date_detected': '2023-05-28',
 'description': 'Ring customers reported seeing unusual devices logged into '
                'their accounts from various locations worldwide, leading them '
                'to believe their accounts had been hacked. Ring attributed '
                'this to a backend update bug.',
 'impact': {'customer_complaints': ['Users reported unknown devices and '
                                    'strange IP addresses',
                                    'Users reported live view activity without '
                                    'household access',
                                    'Users reported not receiving security '
                                    'alerts or MFA prompts'],
            'systems_affected': 'Ring Accounts'},
 'investigation_status': 'Ongoing',
 'post_incident_analysis': {'root_causes': 'Backend Update Bug'},
 'recommendations': ['Review authorized devices',
                     'Change account password',
                     'Enable two-factor authentication'],
 'references': [{'source': 'BleepingComputer'}],
 'response': {'communication_strategy': ['Ring posted on Facebook and updated '
                                         'its status page'],
              'remediation_measures': ['Ring is deploying a fix']},
 'title': 'Ring Backend Update Bug Causes Unauthorized Device Logins',
 'type': 'Bug/Exploit',
 'vulnerability_exploited': 'Backend Update Bug'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.