This is likely to be a bit of a black eye from Amazon, as the company looks to bolster its presence in the home security space. The Information reports that, until earlier this year, a security loophole allowed users to continue to view a feed from Ring’s doorbell camera even after its password was changed.
Ring, which was purchased by Amazon for $1 billion earlier this year, acknowledged that it patched the issue in January. The update arrived after a Miami man told the company that his ex had continued to watch the feed, after he had updated the password. Even so, the update doesn’t occur immediately, CEO Jamie Siminoff acknowledged, adding that kicking users off immediately would slow down the app, according to the site.
Ring was a centerpiece of a number of recent acquisitions for Amazon, allowing the company to expend delivery directly into customers’ homes and serving as a foundation of new home security offerings. While the outward-facing nature of the doorbell camera is less intrusive than those products designed to sit directly inside the home, this issue will no doubt lead many users to think twice before introducing a cloud-connected device in their home.
We’ve reached out to Amazon/Ring for a comment on the issue.
Update: Here’s a comment from Ring,
Ring values the trust our neighbors place in us and we are committed to the highest level of customer information and data security.
We strongly recommend that customers never share their username or password. Instead, they should add family members and other users to their devices through Ring’s “Shared Users” feature. This way, owners maintain control over who has access to their devices and can immediately remove users.
Our team is taking additional steps to further improve the password change experience.