Amazon’s Ring has settled with the Federal Trade Commission (FTC) over charges that the company allowed employees and contractors to access customers’ private videos, and failed to implement security protections which enabled hackers to take control of customers’ accounts, cameras, and videos.
The FTC is now sending refunds totaling more than $5.6 million to US consumers as a result of the settlement. Ring LLC, which was purchased by Amazon in February 2018, sells internet-connected, home security cameras and video doorbells.
Read more…
Source: Malwarebytes Labs
Related:
- Twitch source code, business data, gamer payouts leaked in massive hack
October 6, 2021
An unknown hacker has leaked the entirety of Twitch’s source code among a 128 GB trove of data released this week. The hack, first reported by Video Games Chronicle and confirmed by multiple sources, includes: The entirety of twitch.tv, with commit history going back to its early beginnings Mobile, desktop and console Twitch clients Creator payout reports from 2019 Proprietary ...
- The Telegraph exposes 10 TB database with subscriber info
October 5, 2021
‘The Telegraph’, one of the UK’s largest newspapers and online media outlets, has leaked 10 TB of data after failing to properly secure one of its databases. The exposed information includes internal logs, full subscriber names, email addresses, device info, URL requests, IP addresses, authentication tokens, and unique reader identifiers. Bob Diachenko, the researcher who discovered the ...
- 3.1M Neiman Marcus Customer Card Details Breached
October 1, 2021
Dallas-based Neiman Marcus Group is known worldwide as the go-to luxury retailer for the well-heeled. But their reputation for impeccable quality just took a big hit with revelations that the company was breached by an attacker back in May 2020. It took 17 months for the retailer to notice. Just this week, Neiman Marcus acknowledged the compromise, ...
- Database containing personal info on 106m people who traveled to Thailand found open to the internet – report
September 21, 2021
A database containing personal information on 106 million international travelers to Thailand was exposed to the public internet this year, a Brit biz claimed this week. Bob Diachenko, head of cybersecurity research at product-comparison website Comparitech, said the Elasticsearch data store contained visitors’ full names, passport numbers, arrival dates, visa types, residency status, and more. It ...
- UK: 250 Afghan interpreters’ details in data breach, MoD confirms
September 21, 2021
The Ministry of Defence has launched an investigation into a data breach involving the details of 250 Afghan interpreters. An MoD spokeswoman told Sky News 250 email addresses are part of the breach, but it is not yet known if they contain the names or photos of the translators involved. The breach was carried out by the ...
- Airline Credential-Theft Takes Off in Widening Campaign
September 16, 2021
A two-year-old espionage campaign against the airline industry is ongoing, with AsyncRAT and other commodity remote-access trojans (RATs) helping those efforts take flight. The campaign can effectively be a bird strike to the business engine, so to speak, resulting in data theft, financial fraud or follow-on attacks, researchers said, who have uncovered new details about ...