I’ve owned a Ring doorbell for 3 years. When I bought it Ring only sold one main product (the doorbell) and several accessories (doorbell chime, brackets, video retention, etc.). Today they have a line of doorbells, security lights, in home security devices, accessories and software services. In addition the ownership changed from the founder plus venture capitalists to a subsidiary of Amazon.
From early on the Company was criticized for poor security. The initial batch of doorbells had a firmware security flaw that was fixed via an update during the set up process. Since then there have been a number of egregious security flaws related to employees viewing customer’s security cam videos without permission, the devices granting access to unauthorized users, release of camera locations to police without permission, hackers gaining access to nanny cams and frightening children or spewing racist abuse, and most recently data for 3,000 customers was stolen.
Ring denies their devices are insecure. With respect to the recent data breach they claim they have not been hacked, but the data had to come from them so their denials are not credible. It’s hard to have confidence that a Company is serious about fixing these problems if they refuse to acknowledge their mistakes.
Within the last week Ring’s app directed me to set up 2-factor verification and change my password. I don’t know if that means I was one of the 3,000 compromised customers.
In the past I’ve posted that I would not buy another Ring device. My reason was solely related to how poorly the doorbell works. But these security failures are even more troublesome. They sell SECURITY. How can they not take the security of their customers more seriously?
Just a few words regarding in-home security devices. When you buy wifi security devices they are only as secure as the company that runs them. They all run off servers connected to the devices over the internet. If those servers are compromised so is your home.
I think the risk of a criminal hacking into a server to burglarize a home is low. But hacking into a server to access nanny-cams is another story. This has already happened, and will continue to happen whether you have a Ring device or a nanny-cam from some other company.
I would advise against getting an in-home camera at all. If you feel you must have a nanny-cam it makes more sense to get a home server and a security camera that connects only to your server. There is still a risk – if someone cracks into your server they can access your camera. Plus a home server/security cam setup is substantially more complex. But the risk is much lower with your own server.