Over 1,500 Ring passwords have been found on the dark web

Credentials can be used to log in and access Ring cameras

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A security researcher has discovered 1,562 unique email addresses and passwords ofRing doorbellusers on the dark web.

The list of passwords was recently uploaded to an anonymous text-sharing site on thedark webwhich is commonly used by cybercriminals to share stolen passwords and other illicit materials.

By using the email addresses and passwords of Ring users on the site, an attacker can log in to and access users' cameras as well as their time zone and the doorbell’s location.

The researcher reported their findings toAmazonwhich owns Ring but the company asked them not to discuss their findings publicly.

Ring credentials

Ring credentials

BuzzFeed Newsrecently reported that a similar cache of 3,600 Ring user credentials was posted online and this data appears to be similar to the collection of user data discovered by the security researcher.

Anyone with access to a working email address and password can log into a user’s Ring account to obtain their physical address, phone number and some payment information. With these credentials, an attacker can also access a user’s historical video data if the setting is enabled.

After reviewing some of the credentials on the dark web text-sharing site,TechCrunchfound that most of the passwords it reviewed were relatively simple and could be easy for an attacker to guess. However, it is also possible that the passwords were obtained bycredential stuffingwhere cybercriminals use usernames and passwords from past data breaches to try an access users' other accounts.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

If you have aRing doorbellor camera in your home, it is recommended that you update your password and enabletwo-factor authenticationfor your account.

ViaTechCrunch

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

Your next smartwatch could be battery-free – and powered by your skin