Amazon’s Ring has settled with the Federal Trade Commission (FTC) over charges that the company allowed employees and contractors to access customers’ private videos, and failed to implement security protections which enabled hackers to take control of customers’ accounts, cameras, and videos.
The FTC is now sending refunds totaling more than $5.6 million to US consumers as a result of the settlement. Ring LLC, which was purchased by Amazon in February 2018, sells internet-connected, home security cameras and video doorbells.
Read more…
Source: Malwarebytes Labs
Related:
- Hackers Exploiting Three Microsoft Office Flaws to Spread Zyklon Malware
January 17, 2018
Security researchers have spotted a new malware campaign in the wild that spreads an advanced botnet malware by leveraging at least three recently disclosed vulnerabilities in Microsoft Office. Dubbed Zyklon, the fully-featured malware has resurfaced after almost two years and primarily found targeting telecommunications, insurance and financial services. Active since early 2016, Zyklon is an HTTP botnet malware ...
- Potent Skygofree Malware Packs ‘Never-Before-Seen’ Features
January 17, 2018
Researchers have identified a powerful new Android malware strain called Skygofree capable of eavesdropping on WhatsApp messages, siphoning private data off phones and allowing adversaries to open reverse shell modules on targeted devices, giving attackers ultimate remote control. Researchers said the malware was developed three years ago and has evolved significantly since then to include 48 ...
- LeakedSource Founder Arrested for Selling 3 Billion Stolen Credentials
January 16, 2018
Canadian authorities have arrested and charged an Ontario man for operating a website that collected ‘stolen’ personal identity records and credentials from some three billion online accounts and sold them for profit. According to the Royal Canadian Mounted Police (RCMP), the 27-year-old Jordan Evan Bloom of Thornhill is the person behind the notorious LeakedSource.com—a major repository that compiled public ...
- Nissan Finance Canada Suffers Data Breach — Notifies 1.13 Million Customers
December 21, 2017
It’s the last month of this year, but possibly not the last data breach report. Nissan warns of a possible data breach of personal information on its customers who financed their vehicles through Nissan Canada Finance and INFINITI Financial Services Canada. Although the company says it does not know precisely how many customers were affected by the ...
- No hack needed: Anonymisation beaten with a dash of SQL
December 18, 2017
Governments should not release anonymised data that refers to individuals, because re-identification is inevitable. That’s the conclusion from Melbourne University’s Dr Chris Culnane, Dr Benjamin Rubinstein and Dr Vanessa Teague, who have shown that the Medicare data the Australian government briefly published last year can be re-identified – trivially. Read more… Source: The Register
- Uber says data breach compromised 380K users in Singapore
December 16, 2017
Uber says an estimated 380,000 users in Singapore were impacted by the 2016 data breach that compromised 58 million accounts globally, but finds no incidents of fraud related to the attack. The ride-sharing operator posted a statement on its website Friday with the update, noting that the figure was “an approximation rather than an accurate and ...