Amazon’s Ring has settled with the Federal Trade Commission (FTC) over charges that the company allowed employees and contractors to access customers’ private videos, and failed to implement security protections which enabled hackers to take control of customers’ accounts, cameras, and videos.
The FTC is now sending refunds totaling more than $5.6 million to US consumers as a result of the settlement. Ring LLC, which was purchased by Amazon in February 2018, sells internet-connected, home security cameras and video doorbells.
Read more…
Source: Malwarebytes Labs
Related:
- FBI shares 4 million email addresses used by Emotet with Have I Been Pwned
April 27, 2021
Millions of email addresses collected by Emotet botnet for malware distribution campaigns have been shared by the Federal Bureau of Investigation (FBI) as part of the agency’s effort to clean infected computers. Individuals and domain owners can now learn if Emotet impacted their accounts by searching the database with email addresses stolen by the malware. Read more… Source: ...
- Hacker leaks 20 million alleged BigBasket user records for free
April 25, 2021
A threat actor has leaked approximately 20 million BigBasket user records containing personal information and hashed passwords on a popular hacking forum. BigBasket is a popular Indian online grocery delivery service that allows people to shop online for food and deliver it to their homes. Read more… Source: Bleeping Computer
- Unsecured Kubernetes Instances Could Be Vulnerable to Exploitation
April 23, 2021
Between October 2020 and February 2021, Unit 42 researchers periodically scanned and analyzed unsecured Kubernetes (also known as k8s) clusters on the internet. Kubernetes clusters can and should be configured for greater security, but when left unsecured, these clusters can be accessed anonymously by anyone who knows their IPs, ports and APIs. Researchers identified 2,100 ...
- GEICO Alerts Customers Hackers Stole Driver License Data for Two Months
April 20, 2021
Threat actors stole driver license numbers from customers of GEICO insurance for nearly two months earlier this year due to a security flaw on its website that has since been fixed. The second-largest auto insurance provider in the United States disclosed the vulnerability in a data breach notice filed earlier this month with the California attorney ...
- Report: Aussie biz Azimuth cracked San Bernardino shooter’s iPhone, ending Apple-FBI privacy standoff
April 14, 2021
Australian security firm Azimuth has been identified as the experts who managed to crack a mass shooter’s iPhone that was at the center of an encryption standoff between the FBI and Apple. Until this week it had largely been assumed that Israeli outfit Cellebrite was hired to forcibly unlock an encrypted iPhone 5C used by Syed ...
- Data from 500M LinkedIn Users Posted for Sale Online
April 9, 2021
Personal data from more than 500 million LinkedIn users has been posted for sale online in yet another incident of threat actors scraping data from public profiles and slinging it online for potential cybercriminal misuse. Hackers posted an archive containing data they said includes LinkedIn IDs, full names, professional titles, email addresses, phone numbers and other ...