Ring's Neighbors app exposed precise locations and addresses

Ring has since fixed the bug, but it's yet another security issue.

Sponsored Links

Jon Fingas
January 14, 2021 12:16 PM
Close-up of Ring doorbell, equipped with a camera and machine learning capabilities, installed outside a home in the Marina Del Rey neighborhood of Los Angeles, California, October 21, 2018. (Photo by Smith Collection/Gado/Getty Images)
Smith Collection/Gado/Getty Images

Ring’s Neighbors app is still suffering from privacy shortcomings almost three years later. TechCrunch has learned a bug in the Amazon-owned neighborhood watch tool exposed precise locations and home addresses for anyone posting in the software. The app was pulling hidden positional data from Ring’s servers. While users wouldn’t see the info, an attacker could combine that info with unique post numbers to help interpret locations.

Ring spokesperson Yassi Shahmiri said the company had fixed the issue once it became aware, and it had “not identified any evidence” of malicious access.

Even so, word of the flaw doesn’t exactly help Ring’s image. Gizmodo discovered a Neighbors flaw in 2020 that let it map Ring users. The company is also grappling with a class-action lawsuit for allegedly failing to stop security camera hacks, and has drawn criticism for its eagerness to share data with police. Ring promised to improve security last year and took important steps like requiring two-factor authentication and offering end-to-end video encryption, but it clearly still has some work left before it can reassure users that its apps and devices are trustworthy.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. All prices are correct at the time of publishing.
Popular on Engadget