Amazon’s Ring has settled with the Federal Trade Commission (FTC) over charges that the company allowed employees and contractors to access customers’ private videos, and failed to implement security protections which enabled hackers to take control of customers’ accounts, cameras, and videos.
The FTC is now sending refunds totaling more than $5.6 million to US consumers as a result of the settlement. Ring LLC, which was purchased by Amazon in February 2018, sells internet-connected, home security cameras and video doorbells.
Read more…
Source: Malwarebytes Labs
Related:
- Apple warns of “privacy and security threats” after EU requires it to allow sideloading
January 30, 2024
Despite several warnings about the risks, Apple will allow European iPhone owners to install apps obtained from outside the official App store (sideloading). These drastic changes are brought about to comply with the European Union’s (EU) Digital Markets Act (DMA). The Digital Markets Act (DMA) establishes a set of clearly defined objective criteria to identify “gatekeepers”. ...
- UK: Thousands of EU citizens ‘wrongly fined for breaching Ulez rules’ in potential record data breach
January 26, 2024
Hundreds of thousands of EU citizens were wrongly fined for driving in London’s Ultra Low Emission Zone (Ulez), amid claims of a record data breach. Several EU countries have accused Transport for London (TfL) of illegally obtaining the names and addresses of their citizens to issue the penalties, The Guardian reports. The paper said more than ...
- The NSA buys Americans’ internet data, newly released documents show
January 26, 2024
The National Security Agency has been buying Americans’ web browsing data from commercial data brokers without warrants, intelligence officials disclosed in documents made public by a US senator Thursday. The purchases include information about the websites Americans visit and the apps that they use, said Oregon Democratic Sen. Ron Wyden, releasing newly unclassified letters he received ...
- Veolia North America hit by ransomware attack
January 24, 2024
A department in Veolia North America, a transnational company offering water, energy and waste recycling management services, suffered a ransomware attack which resulted in the theft of some personal data, and forced the company to take parts of its infrastructure offline. In a press release published on the Veolia website, the company confirmed its Municipal Water ...
- AerCap confirms cybersecurity attack
January 23, 2024
Irish aircraft leasing giant AerCap is investigating a cybersecurity attack on its systems, but says that it suffered no financial loss as result of the hack. Claims surfaced online at the weekend that an organisation had hacked the Dublin-headquartered multinational’s systems and planned to leak data within days. AerCap confirmed that on January 17th it experienced ...
- “The mother of all breaches”: 26 billion records found online
January 23, 2024
Security researchers have discovered billions of exposed records online, calling it the “mother of all breaches”. However, the dataset doesn’t seem to be from one single data breach, but more a compilation of multiple breaches. These sets are often created by data enrichment companies. Data enrichment is the process of combining first party data from internal ...