Ring is warning {that a} backend replace bug is liable for clients seeing a surge in unauthorized units logged into their account on Could twenty eighth.
On Could twenty eighth, many Ring clients reported seeing uncommon units logged into their accounts from numerous areas worldwide, main them to imagine their accounts had been hacked.
Final week, Ring posted to Fb stating that they’re conscious “of a bug that incorrectly shows prior login dates as Could 28, 2025.”
Ring additionally up to date its standing web page to say that these unauthorized logins are brought on by a bug in a backend replace that was launched.
“We’re conscious of a problem the place info is displaying inaccurately in Management Middle,” reads Ring’s standing web page.
“That is the results of a backend replace, and we’re working to resolve this. We now have no cause to imagine that is the results of unauthorized entry to buyer accounts.”
These false login entries had been all dated Could 28, 2025, which lends some weight to Rings assertion that this was a backend subject slightly than a worldwide hacking incident.
Nevertheless, clients usually are not shopping for Ring’s clarification, reporting that they noticed unknown units, unusual IP addresses, and international locations that they by no means visited listed of their Licensed Consumer Gadgets listing, so that they could not be earlier logins.
“Absolute bollocks along with your ‘bug’ I do not even know Derbhille or is she anyway related to our ring digicam or household? Simply admit you have been hacked and yous are gonna amend this,” a buyer posted to X, whereas sharing a screenshot of login from a tool named “derbhile’s iPhone.”
“I discover it fascinating that it is only a “bug” but one in every of my a number of unknown logins from that date was a log in from Spain… I am in Texas so does not appear to be only a bug or log ins on prior units as a result of I can guarantee you I’ve by no means been to Spain,” one other buyer posted to Fb.
The sense that Amazon is hiding an precise safety incident is additional enhanced by the truth that a backend replace must be straightforward to reverse. But, three days later, individuals are nonetheless seeing logins from units they do not acknowledge.
To make issues worse, some customers report seeing stay view exercise throughout occasions when nobody within the family has accessed the app, and others report not receiving safety alerts or multi-factor authentication prompts when new units are added.
Supply: BleepingComputer
Whereas this could possibly be a bug displaying incorrect system names and logins, Ring ought to clearly state this, because it has as an alternative said that it was the consumer’s earlier logins.
BleepingComputer contacted Ring to inquire concerning the state of affairs and why individuals are seeing units and international locations that they’ve by no means owned or been to, and thus cant be earlier logins.
Ring customers ought to overview licensed units from the app’s Management Middle > Licensed Consumer Gadgets part. If any units or logins usually are not acknowledged, they need to be eliminated instantly.
It might even be prudent to vary your account password and allow two-factor authentication from the Account Settings.
BleepingComputer will replace our story with any response we obtain from Ring.
Comprise rising threats in actual time – earlier than they affect your small business.
Learn the way cloud detection and response (CDR) provides safety groups the sting they want on this sensible, no-nonsense information.
