Amazon’s Ring has settled with the Federal Trade Commission (FTC) over charges that the company allowed employees and contractors to access customers’ private videos, and failed to implement security protections which enabled hackers to take control of customers’ accounts, cameras, and videos.
The FTC is now sending refunds totaling more than $5.6 million to US consumers as a result of the settlement. Ring LLC, which was purchased by Amazon in February 2018, sells internet-connected, home security cameras and video doorbells.
Read more…
Source: Malwarebytes Labs
Related:
- Military Contractor’s Vendor Leaks Resumes in Misconfigured AWS S3
September 5, 2017
Thousands of resumes and job applications containing the personal information of U.S. veterans, many with top secret clearances, and law enforcement officers were left exposed in an Amazon Web Services S3 bucket, continuing a trend where poorly configured cloud-storage services are putting people at risk. The applicants were seeking employment with a private military contractor from ...
- Kurat võtku! Estonia identifies security risk in almost 750,000 ID cards
September 5, 2017
The Estonian government has discovered a security risk in its ID card system, potentially affecting almost 750,000 residents. “When notified, Estonian authorities immediately took precautionary measures, including closing the public key database, in order to minimise the risk while the situation can be fully assessed and a solution developed,” according to an email by Kaspar Korjus, ...
- A Company Offers $500,000 For Secure Messaging Apps Zero-Day Exploits
August 23, 2017
How much does your privacy cost? It will soon be sold for half a Million US dollars. A controversial company specialises in acquiring and reselling zero-day exploits is ready to pay up to US$500,000 for working zero-day vulnerabilities targeting popular secure messenger applications, such as Signal, Telegram and WhatsApp. Zerodium announced a new pricing structure on Wednesday, paying out $500,000 ...
- Anonymous Hacks NHS System, Data of 1.2 Million Patients Allegedly Exposed
August 21, 2017
The NHS has once again been the target of hackers, this time with a member of the famous group Anonymous managing to breach the appointment booking system and expose details of 1.2 million patients. SwiftQueue, who handles appointments of eight NHS trusts, confirmed the hack, but said that only some 32,500 “lines of administrative data” had ...
- TalkTalk fined £100k for exposing personal sensitive info
August 10, 2017
Blighty’s Information Commissioner’s Office has whacked TalkTalk with a £100,000 fine after the data of the records of 21,000 people were exposed to fraudsters in an Indian call centre. The breach came to light in September 2014 when TalkTalk started getting complaints from customers that they were receiving scam calls. Typically, the scammers pretended they were ...
- Web law offers ‘right to be forgotten’ online
August 7, 2017
Social media firms will have to erase personal information on individuals when asked under laws allowing people the “right to be forgotten” online. The Data Protection Bill will make it simpler for people to control how companies use their personal details, including requesting that posts or pictures be deleted. The information watchdog has been given extra powers ...