Ring is warning {that a} backend replace bug is chargeable for prospects seeing a surge in unauthorized gadgets logged into their account on Might twenty eighth.
On Might twenty eighth, many Ring prospects reported seeing uncommon gadgets logged into their accounts from varied places worldwide, main them to consider their accounts had been hacked.
Final week, Ring posted to Fb stating that they’re conscious “of a bug that incorrectly shows prior login dates as Might 28, 2025.”
Ring additionally up to date its standing web page to say that these unauthorized logins are attributable to a bug in a backend replace that was launched.
“We’re conscious of a difficulty the place info is displaying inaccurately in Management Heart,” reads Ring’s standing web page.
“That is the results of a backend replace, and we’re working to resolve this. We now have no motive to consider that is the results of unauthorized entry to buyer accounts.”
These false login entries have been all dated Might 28, 2025, which lends some weight to Rings assertion that this was a backend difficulty moderately than a world hacking incident.
Nevertheless, prospects are usually not shopping for Ring’s clarification, reporting that they noticed unknown gadgets, unusual IP addresses, and nations that they by no means visited listed of their Licensed Shopper Gadgets listing, so that they could not be earlier logins.
“Absolute bollocks together with your ‘bug’ I do not even know Derbhille or is she anyway related to our ring digital camera or household? Simply admit you’ve got been hacked and yous are gonna amend this,” a buyer posted to X, whereas sharing a screenshot of login from a tool named “derbhile’s iPhone.”
“I discover it fascinating that it is only a “bug” but one in every of my a number of unknown logins from that date was a log in from Spain… I am in Texas so would not look like only a bug or log ins on prior gadgets as a result of I can guarantee you I’ve by no means been to Spain,” one other buyer posted to Fb.
The sense that Amazon is hiding an precise safety incident is additional enhanced by the truth that a backend replace needs to be simple to reverse. But, three days later, persons are nonetheless seeing logins from gadgets they do not acknowledge.
To make issues worse, some customers report seeing stay view exercise throughout occasions when nobody within the family has accessed the app, and others report not receiving safety alerts or multi-factor authentication prompts when new gadgets are added.
Supply: BleepingComputer
Whereas this might be a bug displaying incorrect gadget names and logins, Ring ought to clearly state this, because it has as a substitute said that it was the person’s earlier logins.
BleepingComputer contacted Ring to inquire in regards to the state of affairs and why persons are seeing gadgets and nations that they’ve by no means owned or been to, and thus cant be earlier logins.
Ring customers ought to assessment licensed gadgets from the app’s Management Heart > Licensed Shopper Gadgets part. If any gadgets or logins are usually not acknowledged, they need to be eliminated instantly.
It might even be prudent to alter your account password and allow two-factor authentication from the Account Settings.
BleepingComputer will replace our story with any response we obtain from Ring.
CISOs know that getting board buy-in begins with a transparent, strategic view of how cloud safety drives enterprise worth.
This free, editable board report deck helps safety leaders current danger, influence, and priorities in clear enterprise phrases. Flip safety updates into significant conversations and quicker decision-making within the boardroom.
