A ransomware group called “ALPHV” has claimed to have hacked into Amazon’s Ring security camera systems, stealing sensitive data. ALPHV is responsible for the “BlackCat” ransomware strain. According to the group, they gained access to over 150 devices, including cameras and doorbells, and stole login credentials, emails, and audio and video recordings from the devices.
The group posted screenshots of the stolen data on their dark web blog, though it has not yet been independently verified that they were able to successfully hack into Ring’s systems.
In a statement to Vice Motherboard, Ring has not seen any evidence of a breach of its systems, but has said that a third-party vendor has been hit with ransomware and it is investigating it. Amazon has declined to comment.
The Ring system has been the subject of controversy in the past due to privacy concerns. The company has faced criticism for working with law enforcement agencies and sharing user data with them. This latest hack raises even more questions about the security of the popular home security system.
How to protect your Ring cameras from hackers
Ring devices support end-to-end encryption (E2EE) in most countries, and if enabled, means that neither Amazon nor law enforcement, or ransomware groups for that matter, could access uploaded footage.
Experts advise users to take steps to protect their personal data, including using strong passwords, enabling two-factor authentication, and keeping software up-to-date. Two-factor authentication is a security measure that requires users to provide two forms of identification, such as a password and a code sent to their phone, in order to access their account. This makes it more difficult for hackers to gain access to accounts even if they have obtained the login credentials.
Ring has also been criticized for its handling of user data in the past. In 2019, it was revealed that the company had allowed employees to access customer video footage, raising concerns about privacy. The company has since updated its policies to limit employee access to user data.
Ransomware attacks have become increasingly common in recent years. These attacks involve hackers gaining access to a company’s systems, encrypting their data, and then demanding payment in exchange for the decryption key. These attacks can be devastating for businesses, as they can result in significant financial losses and damage to the company’s reputation.
The ALPHV group has been responsible for a number of high-profile ransomware attacks in recent months, including attacks on gaming giant Capcom and the Irish healthcare system. The group is known for using aggressive tactics, including threatening to leak stolen data if their ransom demands are not met.
The Ring hack serves as a reminder of the importance of taking steps to protect personal data. While it is not yet clear whether ALPHV was able to successfully hack into Ring’s systems, the incident underscores the need for users to be vigilant about their online security.
