NASHVILLE, Tenn. (WKRN) – A chilling exchange caught on video. A Mississippi family’s story is going viral after a popular device in their home was hacked.
What was supposed to be an extra security measure for the LeMay family, turned into a nightmare.
Eerie music and a strange voice asking their 8-year-old daughter, “Do you want to be my best friend?” can be heard from their newly installed Ring security camera in their daughter’s bedroom.
In Georgia, a stranger can be heard talking to a woman through her device as she was lying in bed.
Both videos went viral and sparked conversations online. Many people across the country said it also happened to them.
“I’m actually not surprised,” says Eric Kirchbaum, Chief Security Officer of NetFortris in Nashville. “As we connect more of these devices together, we allow hackers the ability to compromise the easiest device they find, get on the network and find more devices to attack.”
There are a few tips Kirchbaum says you can do to make sure this never happens to you:
- Create a complex password for your home network, nothing that matches a real word.
- Put your home wireless connection and smart devices on separate networks.
- Although some companies suggest using two-factor authentication to add extra security, Krichbaum says that works better for protecting your bank account and other personal information.
Be warned, if your device is set up outdoors, someone can mess with it physically. They can pull the bottom apart, take out your SD card, load new software and reset the device to be able to hack into it.
Metro Police and the Nashville Residence Agency of the FBI said they’re unaware of any reported cases in the Nashville area.
A Ring spokesperson provided a statement to News 2 in response to the reported incidents:
“Customer trust is important to us and we take the security of our devices seriously. Our security team has investigated this incident and we have no evidence of an unauthorized intrusion or compromise of Ring’s systems or network. Recently, we were made aware of an incident where malicious actors obtained some Ring users’ account credentials (e.g., username and password) from a separate, external, non-Ring service and reused them to log in to some Ring accounts. Unfortunately, when the same username and password is reused on multiple services, it’s possible for bad actors to gain access to many accounts.
Upon learning of the incident, we took appropriate actions to promptly block bad actors from known affected Ring accounts and affected users have been contacted. Consumers should always practice good password hygiene and we encourage Ring customers to change their passwords and enable two-factor authentication.
We highly encourage all Ring users to follow security best practices to ensure your Ring account stays secure:
Enable Two-Factor Authentication: Enable two-factor authentication in the Ring app from the app’s account settings. This creates an extra layer of security. You’ll receive a unique code via text message to your phone whenever you or someone else attempts to log in to your Ring account from a new device.
Add Shared Users: Don’t provide your login information to others. If you want to share access to your Ring devices with other people, simply add them as a shared user.
Use Different Passwords For Each Account: By using different usernames and passwords on your various accounts, you reduce the risk that a malicious actor could reuse credentials compromised from another account to access your Ring account. A password manager allows you to conveniently store all of your passwords in a centralized vault on your computer and, if you wish, in the cloud. This means you only need to remember one password to unlock all of your passwords. All major browsers have built-in password managers, and there are also a variety of commercial providers that will permit you to synchronize your vaults between devices.
Create Strong Passwords: Create strong passwords with a mix of numbers, letters (both uppercase and lowercase), and symbols, and embrace long, non-dictionary based words or phrases. Try not to use sequential values in your passwords (123, abc, etc.). Even better, use a password generator to create a randomly generated, unique password for each account.
Regularly Update Your Passwords: It’s good practice to update your passwords every three to six months. Click here to learn how to change your password to your Ring account.
Ring published a blog post clarifying this, which you can read here.”