The source, who talked with The Intercept, claims that when the Ukrainian team was granted access to the video files, the files were unencrypted.
Consumer-level smart video doorbells and security cameras have become immensely popular, but some anxious that the video feeds could be hijacked by those with malicious intents.
As well as that, some USA employees specifically have access to a video portal of customer cameras to allow them to give technical support; however, according to the report, even employees that didn't deal with customers had access to it. We implement systems to restrict and audit access to information.
Backing up The Information, The Intercept also on Thursday reported that Ring in 2016 gave its Ukraine-based R&D team "virtually unfettered access to a folder on Amazon's S3 cloud storage service that contained every video created by every Ring camera around the world".
It might be time to throw your Ring cameras in the garbage.
It's impossible to know if Amazon is running a tight ship with Ring's sensitive user data now, but it's yet another reason to consider the privacy risks posed by smart home devices, particularly surveillance ones.
Amazon purchased Ring in 2018, and in that time, some steps have been taken in order to protect Ring's customer' information. Having previously reported on such alleged employee access in December, the Information said in its own report that users early on frequently complained of triggered alerts for such innocuous activity as a passing auto.
Ring, a company that makes video doorbells and was bought by Amazon for $1bn previous year, left databases of private user videos unencrypted while giving access to teams of contractor staff and engineers.
A Ring spokesperson claimed that the company only views and annotates videos that are "sourced exclusively from publicly shared Ring videos" or come from a handful of Ring users who have voluntarily provided access to their videos. Employees have then used that access to spy on each other, and see whom other employees have "brought home" for the evening. We hold our team members to a high ethical standard and anyone in violation of our policies faces discipline, including termination and potential legal and criminal penalties. The source said, "if [someone] knew a reporter or competitor's email address, [they] could view all their cameras".
A never-before-published image from an internal Ring document pulls back the veil of the company's lofty security ambitions: Behind all the computer sophistication was a team of people drawing boxes around strangers, day in and day out, as they struggled to grant some semblance of human judgment to an algorithm.
On the other hand, Amazon-owned Ring issued a statement clarifying that their employees only watch videos acquired from Neighbors, the community app.
'We have zero tolerance for abuse of our systems and if we find bad actors who have engaged in this behavior, we will take swift action against them, ' they added.