Amazon Ring’s Neighbors App Suffers from Security Flaw

Amazon-owned Ring’s Neighbors App recently suffered from a data security incident. This flaw left the home addresses and location data of users compromised and exposed to the public via the Internet, reports Gizmodo.

The ring is the home security and video doorbell startup company acquired by Amazon, reports Tech Crunch. According to the news site, the Neighbors feature was initially launched in 2018 as an app that differentiates it from other features and offers.

Neighbors is a community of sorts and are part of existing neighborhood watch programs that provide citizens and residents within a particular area to gain more insight into the public safety concerns and criminal events happening within a certain location.

Amazon Ring Security Flaw
Image Source: Chip Somodevilla/Getty Images

Gizmodo states that users are free to share public safety information anonymously on the Neighbors online forum. Both the full name and the location of the user is not available for full view.

However, due to the security flaw found in its system, Tech Crunch revealed that the home addresses, as well as the geographical location including the longitude and latitude of a user, made it possible for threat actors and Internet-savvy users to take advantage of the flaw.

This could reportedly gain access to users who are reporting crimes, including those posting and taking videos using the Ring security system, states Tech Crunch.

Apart from the home addresses and the location data being made vulnerable to the public, Tech Crunch researchers found that the supposedly unique numbers that were generated by the Ring servers for each post made by a user can be directly linked to other information about the poster.

Although this may be the case, Gizmodo shares the numbers generated by the Ring server remain hidden to the poster via the app.

Following the data security flaw, company spokesperson Yassi Shahmiri remarked that they had already addressed the issue. In a statement, Shahmiri said, “At Ring, we take customer privacy and security extremely seriously. We fixed this issue soon after we became aware of it. We have not identified any evidence of this information being accessed or used maliciously.”

This is the second security flaw that had come Ring’s way. In 2020, Gizmodo discovered that the app gave away the hidden location data of users from the United States. This reportedly allowed reporters to find Ring users from different states.

Apart from this, Ring is also under fire for hacking incidents that allowed racial slurs, death threats, and other obscenities to be thrown at users. It also came under public scrutiny following its involvement with thousands of police departments for its surveillance system, states Gizmodo.