The security bug
affected users who posted on the neighborhood watch app,
which lets residents report nearby crimes or public-safety
issues. The Amazon-owned app was retrieving hidden data,
including users' home addresses, from Ring servers, Tech
Crunch first reported. The information wasn't visible for
app users.
"We fixed this issue soon after we became aware of it," said
a Ring spokesperson. "We have not identified any evidence of
this information being accessed or used maliciously."
With the fix, the Application Programming Interface only
provides the city, state and zip code of posts, as well as
approximate latitude and longitude coordinates.
Amazon acquired the home security company, popular for the
Ring Video Doorbell, for $1 billion in 2018. |
|
|
This isn't the first
time Ring deals with a security issue. In 2019, the personal
data for nearly 3,000 Ring camera owners was reportedly
compromised, exposing information such as login names and
passwords. To boost privacy, Ring introduced a two-factor
authentication to log into accounts.
The company has also faced criticism over its partnerships
with police departments around the country and possibly
pursuing facial recognition technology that could flag
certain people as suspicious.