That jibes with reports which call this technique “credentials stuffing" -- i.e., if the username and password is matched to a Ring account, hackers publish it online, according to ZDNet.
“Unfortunately, when people reuse the same username and password on multiple services, it’s possible for bad actors to gain access to many accounts,” Ring said.
The company said it has taken “appropriate actions” to block bad actors from known affected Ring accounts and affected users have been contacted, adding that it is encouraging Ring customers to change their passwords and enable two-factor authentication.
One list published on hacker forums claimed to contain credentials for 100,000 Ring accounts. Ring told ZDNet that of the 100,000 credentials only 4,000 were for valid Ring accounts.
Ring urges users to make sure to use unique usernames and passwords for every account. One way to do this is by using password manager software.
0 Comments