Amazon’s Ring has settled with the Federal Trade Commission (FTC) over charges that the company allowed employees and contractors to access customers’ private videos, and failed to implement security protections which enabled hackers to take control of customers’ accounts, cameras, and videos.
The FTC is now sending refunds totaling more than $5.6 million to US consumers as a result of the settlement. Ring LLC, which was purchased by Amazon in February 2018, sells internet-connected, home security cameras and video doorbells.
Read more…
Source: Malwarebytes Labs
Related:
- COVID-19 Data-Sharing App Leaked Healthcare Worker Info
November 11, 2020
A platform used by healthcare workers in the Philippines designed to share data about COVID-19 cases contained multiple flaws that exposed healthcare worker data and could potentially could have leaked patient data. Vulnerabilities found in both the COVID-KAYA platform’s web and Android apps allowed for unauthorized users to access private data about the platform’s users and ...
- Millions of Hotel Guests Worldwide Caught Up in Mass Data Leak
November 9, 2020
A widely used hotel reservation platform has exposed 10 million files related to guests at various hotels around the world, thanks to a misconfigured Amazon Web Services S3 bucket. The records include sensitive data, including credit-card details. Prestige Software’s “Cloud Hospitality” is used by hotels to integrate their reservation systems with online booking websites like Expedia ...
- GrowDiaries Exposes Emails, Passwords of 1.4M Cannabis Growers
November 4, 2020
A database linked to GrowDiaries, an online community of cannabis growers, has exposed more than a million users’ email addresses, passwords, IP address records and posts. GrowDiaries is a robust online community of cannabis growing enthusiasts from around the world, where they can share tips, tricks and pictures of their progress. On Oct. 10, researcher Volodymyr ...
- Marriott fined £18.4 million by UK watchdog over customer data breach
November 2, 2020
The Information Commissioner’s Office (ICO) has fined Marriott £18.4 million over a 2014 data breach, heavily reducing the penalty originally planned due to COVID-19 disruption. The Marriot hotel group was subject to a 2014 data breach impacting the Starwood resort chain, acquired by Marriott in 2015. At the time, threat actors were able to infiltrate Starwood systems ...
- Abandoned Hunter Biden’s laptop contained phone numbers for the Clintons, Secret Service officers and most of the Obama cabinet
November 1, 2020
The son of the man expected by many to be America’s next President abandoned a laptop containing a treasure trove of top-secret material, including his father’s private emails and mobile phone numbers, The Mail on Sunday can reveal. In an astonishing lapse, Hunter Biden chose to protect his MacBook Pro computer – crammed with what an ...
- Hacker is selling 34 million user records stolen from 17 companies
October 31, 2020
A threat actor is selling account databases containing an aggregate total of 34 million user records that they claim were stolen from seventeen companies during data breaches. On October 28th, a data breach broker created a new topic on a hacker forum to sell the stolen user databases for seventeen companies. In a conversation with BleepingComputer, the ...