Orange also claimed that Ring's response was evidence of the company blaming customers. It told Orange that there was "no evidence" someone had hacked the firm's infrastructure, and that his incident may be the result of a breach at a "non-Ring service" where the perpetrators reused info to sign into Ring accounts. In other words, Ring couldn't help it if people reused passwords with sites and services it can't control.
The suit formally levels accusations of breach of contract, invasion of privacy, negligence, unjust enrichment and violating California's Unfair Competition Law (through misleading representations of security). If it achieves class action status, it would ask Amazon and Ring to compensate victims and implement "improved security procedures and measures."
We've asked Ring for comment, although a spokesperson declined to comment to Gizmodo saying that the company "does not comment on legal matters."
Whether or not the lawsuit succeeds will likely depend on the nature of the incidents. Orange will have to show that there really was something Ring could do to have prevented these incidents. If Ring's suspicions are correct and there was an outside breach that exposed its users, Orange is out of luck -- the company can't block intruders who use the right logins and otherwise show no signs of suspicious activity.