According to a report by Vice's Motherboard, Ring has fired a handful of its employees over the last four years for "improperly" accessing customer's recorded videos. This news follows a string of negative press for the Amazon-owned company, including a string of hacks, the revelation that some location and video data was being publicly shared through Ring's Neighbors app, and (justified) accusations that Ring lacked in "basic security features" to protect customer privacy and data.
The news comes courtesy of a letter which Ring sent to US senators, a copy of which was obtained by Motherboard, likely sent in response to their inquiry late last year following the start of the company's ongoing privacy kerfuffle. An excerpt of the letter assembled from Motherboard's coverage is just below:
"We are aware of incidents discussed below where employees violated our policies. Over the last four years, Ring has received four complaints or inquiries regarding a team member's access to Ring video data... In each instance, once Ring was made aware of the alleged conduct, Ring promptly investigated the incident, and after determining that the individual violated company policy, terminated the individual."
Beyond simply firing those that abused their position to access customers' videos, Ring has also allegedly reduced the number of people that even have access to that data, with a grand total of three employees now capable of doing so. The one exception to this is a Ukraine-based research team that has access to publicly available videos, as well as videos that company employees, contractors, and friends/family provide with consent.
Ring has recently pledged to do its part to increase user security, switching to enabling two-factor authentication by default for all newly created accounts (still insecure SMS-based, in the meantime, with existing accounts not forced to migrate) and it plans on rolling out an app update with better and more granular security and privacy controls.
Shortly after publication, Ring reached out to us with the following, massive statement, embedded in a collapsible box below to save space:
Privacy, security, and user control will always be paramount as we pursue and improve technologies that help achieve our mission of helping to make neighborhoods safer. We take the protection of customer data very seriously and are always looking for ways to improve our security measures.
At CES, we announced Ring will be making two-factor authentication opt-in by default for new account and device setups, even on existing accounts. We also shared details about our new Control Center which will initially enable Ring users to see and manage their connected mobile, desktop and tablet devices, third-party services, as well as enable customers to opt-out of receiving video requests in areas where local police have joined the Neighbors app. These are just a few examples of the many ways Ring is working to provide more transparency and control. We will continue to invest in rolling out enhanced security features to ensure that our users are protected.
Recently, we notified customers whose credentials we have identified as exposed as part of other companies’ data breaches and have reset their passwords. In addition, we are continuing to monitor for and block potentially unauthorized login attempts into Ring accounts. We’ve also contacted all Ring customers, encouraging them to enable two-factor authentication, change their passwords, and follow these important best practices for keeping their accounts secure.