A security researcher has found on the dark web 1,562 unique email addresses and passwords associated with Ring doorbell passwords.
The list of passwords was uploaded on Tuesday to an anonymous dark web text-sharing site, commonly used to share stolen passwords and illicit materials. A security researcher found the cache of email addresses and passwords, which can be used to log in to and access the cameras, as well as their time zone and the doorbell’s location, such as “driveway” or “front door.”
Over 1,500 Ring passwords have been found on the dark web
1,562 unique email addresses and passwords associated with Ring doorbell passwords were uploaded on Tuesday to an an anonymous dark web text-sharing site, commonly used to share stolen passwords and illicit materials. pic.twitter.com/Y5Qu50UdqG
— Plat4om (@Plat4omLive) December 20, 2019
This latest IoT vulnerability highlights the urgent need for a new set of security standards and protocols that deal with the rapid emergence of connected devices. Governments need to establish guidance, and manufacturers need to be held responsible for following best practices when designing ‘connected’ devices. Standards won’t eliminate all vulnerabilities, but they could bring order to what is right now the wild west of IoT.