A lawsuit was filed in the U.S. District Court of the Central District of California targeting Amazon and Ring’s alleged negligence with regard to security practices.
12.30.19 – SSI – SANTA MONICA, Calif.
Ring and Amazon have come under fire in recent weeks due to a rise of incidents in which hackers gained control of a user’s Ring security camera and begin to speak through it.
Motherboard even discovered that hackers created a tool specifically for compromising Ring cameras.
In addition to scrutiny from these events, Ring and Amazon now have to contend will a class action lawsuit filed by Alabama resident John Baker Orange.
Orange claims a hacker talked to his children through his Ring camera while they were outside playing basketball.
The lawsuit was filed last Thursday in the U.S. District Court of the Central District of California, which makes it a federal lawsuit.
The lawsuit targets Amazon and Ring’s alleged negligence with regard to security practices. After the rise of hackings, Ring released a statement saying the incidents were in no way related to a breach or compromise of the company’s security.
Instead, it blamed the security breaches on poor password practices and the lack of utilizing two-factor authentication. However, Ring does not make two-factor authentication a requirement.
The lawsuit holds Ring responsible for damages due to negligence, invasion of privacy, breach of the implied warranty, breach of the implied contract, unjust enrichment and unfair competition.
The total aggregated claims of class members in the suit exceed $5 million, exclusive of interests and costs.
Using default credentials, reusing passwords and not enabling two-factor authentication makes it easy for hackers to infiltrate IoT devices. It’s time for manufacturers to make two-factor authentication a must and end the use of default login credentials.
Until that happens, it’s up to you to protect yourself and/or your customers.
You can view the lawsuit, here.