Many moms and dads install baby monitors and security cameras for a sense of exactly that—security. To know their little one is safe gives parents peace of mind. But when one Mississippi family’s Ring Camera was hacked, they felt far from safe.
Eight-year-old Alyssa walked into her bedroom when she heard strange music and sounds, though no one was there. She then heard “Hey there,” coming from the camera in the corner. “Who is that?” She asked, to which the hacker said he was her “best friend.”
“I’m Santa Claus. Don’t you want to be my best friend?” he said.
When Alyssa screamed for her mom, the “Santa” hacker told her she could do whatever she wanted, instructing her to damage her furniture and break her TV.
Ashley LeMay, Alyssa’s mom, was mortified. Knowing her three daughters, who share the room, could have been watched for a period of time, was understandably horrifying.
“I can’t even put into words how badly I feel and how badly my children feel,” Ashley told the Washington Post. “I did the exact opposite of adding another security measure. I put them at risk and there’s nothing I can do to really ease their mind. I can’t tell them I know who it is. I can’t tell them that they’re not going to show up at our house in the middle of the night.”
Apparently, this isn’t the first time Ring cameras have been hacked. In recent weeks, numerous reports have surfaced of the devices being broken into through the two-way talk function. Vice’s Motherboard even covered how the hackers are able to get into the cameras.
We hope these little girls are able to recover from this traumatic incident—and that the hacker gets a big lump of coal this Christmas.
In a statement emailed to Working Mother, a Ring spokesperson said:
Customer trust is important to us and we take the security of our devices seriously. Our security team has investigated this incident and we have no evidence of an unauthorized intrusion or compromise of Ring’s systems or network.
Recently, we were made aware of an incident where malicious actors obtained some Ring users’ account credentials (e.g., username and password) from a separate, external, non-Ring service and reused them to log in to some Ring accounts. Unfortunately, when the same username and password is reused on multiple services, it’s possible for bad actors to gain access to many accounts.
Upon learning of the incident, we took appropriate actions to promptly block bad actors from known affected Ring accounts and affected users have been contacted. Consumers should always practice good password hygiene and we encourage Ring customers to change their passwords and enable two-factor authentication.
This story has been updated to include a statement from Ring.