A mix-up involving two databases allowed some users of a popular smart doorbell to view live footage from complete strangers’ front porches.
Earlier this month, Android Central began receiving reports from some Ring Doorbell Pro users that they could view video feeds that were not attached to their houses.
Enabled by Wi-Fi, Ring is a so-called “smart” doorbell that allows users to answer their doors anywhere via video on their smartphones.
The doorbell comes equipped with motion sensors that monitor for activity on a user’s property. If triggered, those sensors send a mobile alert to the user, who can choose to enable on their smartphone a video feed transmitted from the Ring doorbell. The user can then see or interact with whatever (or whomever) triggered the sensors.
Ring touts itself as providing “a new level of security.”
But not in this case.
It’s freaky enough to see the video feed from another house’s doorbell. It’s downright disturbing to think someone else is watching your own home’s front porch.
Given those privacy concerns, Android Central reached out to Ring. The company has since released the following statement:
“Security is at the core of our company and this is something Ring takes very seriously. Here’s what happened. We use random numbers to generate a call ID from Ring products. We did a very robust Beta test of the new Ring Video Doorbell Pro on experimental software, and when we moved it out of Beta for the commercial launch, some customers’ numbers were in two different databases. As a result, those call ID numbers were overwritten.
We believe, based on all the data we have analyzed, that this caused less than ten instances – out of more than 4 million calls per day and over 84 million calls in total – where video recordings overlapped for Ring Video Doorbell Pro users only. We are in the process of merging those databases so this will no longer occur. This issue only effected Ring Video Doorbell Pro users, not users of our other products, Ring Video Doorbell and Ring Stick Up Cam.”
Ring definitely should have done its due diligence and made sure all of their customers’ personal information was stored in the correct location when they moved for commercial launch.
It’s not as though the firm hasn’t found itself in hot water before over security and privacy issues. Earlier this year, for instance, a flaw was found in Ring’s “smart” doorbell that could have allowed attackers to easily steal the passwords to customers’ Wi-Fi networks.
But to be fair, it’s good to see the smart doorbell company taking responsibility for this latest issue. And if how it has resolved past security flaws is any indication, Ring should have everything fixed within a few weeks.
In the meantime, if you are a Ring user who can see other people’s video feeds, make sure you contact the doorbell company and let them know.
Let’s be honest: you’d want someone to do the same if they could view your doorstep.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.