Now on Demand: Threat Detection and Incident Response (TDIR) Summit - All Sessions Available
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

FTC Sending $5.6 Million in Refunds to Ring Customers Over Security Failures

The FTC is sending a total of $5.6 million in refunds to over 117,000 Ring customers as result of a 2023 settlement.

The Federal Trade Commission (FTC) this week announced that it is sending out a total of more than $5.6 million in refunds to customers of the Amazon-owned home security camera company Ring as the result of a 2023 settlement.

In May 2023, the FTC announced a complaint against Ring for failing to implement security protections to ensure customer privacy and allowing hackers and employees to access user devices and accounts.

Ring’s failure, the FTC said, allowed hackers to access customer videos and account profiles, and in some cases to completely take over devices and threaten and harass customers, including elderly people and children.

According to the agency, hackers exploited security vulnerabilities to access the videos, video streams, and account profiles of at least 55,000 Ring customers in the US.

According to the complaint, Ring also failed to restrict employee access to customer videos, which allowed at least one employee to surveil female customers in bathrooms or bedrooms.

Furthermore, the FTC noted that until 2018 Ring had failed to notify its customers or obtain their consent for performing reviews of their videos for various purposes, including training AI algorithms.

“Ring deceived its customers by failing to restrict employees’ and contractors’ access to its customers’ videos, using its customer videos to train algorithms without consent, and failing to implement security safeguards. These practices led to egregious violations of users’ privacy,” the FTC said this week.

The commission announced that it is sending over 117,000 PayPal payments to individuals who owned certain Ring devices, including indoor cameras, and that these payments should be redeemed within 30 days.

Advertisement. Scroll to continue reading.

In May last year, the FTC also said that Amazon had agreed to pay $25 million as part of a separate settlement regarding accusations that it kept children’s voice recordings captured by Alexa smart speakers instead of deleting them.

Related: Tech Support Firms Agree to $26M FTC Settlement Over Fake Services

Related: FTC Accuses Avast of Selling Customer Browsing Data to Advertisers

Related: FTC Orders Blackbaud to Address Poor Security Practices

Related: Ring Will No Longer Allow Police to Request Doorbell Camera Footage From Users

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Wendy Zheng named as CFO and Joe Diamond as CMO at cyber asset management firm Axonius.

Intelligent document processing company ABBYY has hired Clayton C. Peddy as CISO.

Digital executive protection services provider BlackCloak has appointed Ryan Black as CISO.

More People On The Move

Expert Insights