Ring has responded to the US Senators demanding answers to the security issues it’s facing in a letter, which was obtained by Motherboard. In it, the Amazon-owned company has admitted that it had to fire employees for watching customers’ videos beyond what they were allowed to. Ring received the four complaints over the course of four years, and it opened an investigation for each one of them. While all the employees involved had the authority to view customer videos, Ring said they accessed or attempted to access data that “exceeded what was necessary for their job functions.”
In addition to terminating the employees, Ring said it limited data access to smaller number of staff members. At the moment, only three employees can access stored customer videos. The company also clarified in the letter that while it gave an R&D team in Ukraine access to video data, that team can only watch publicly available videos and videos from employees, contractors and their friends who consented to be part of the program.
Ring recently pledged to beef up its security measures, most likely in response to all the flak it’s gotten over various security issues. Motherboard discovered last year that Ring makes its security video footage available to local police, and it’s also facing a lawsuit due a series of hacks that allowed infiltrators to digitally harass device owners. One of its recent efforts is requiring new signups to activate two-factor authentication — a move that’s nowhere near good enough for Senator Ron Wyden.
The Senator said in a statement:
“Requiring two-factor for new accounts is a step in the right direction, but there are millions of consumers who already have a Ring camera in their homes who remain needlessly vulnerable to hackers. Amazon needs to go further — by protecting all Ring devices with two-factor authentication. It is also disturbing to learn that Ring’s encryption of user videos lags behind other companies, who ensure that only users have the encryption keys to access their data.”