Amazon Denies Possible Data Breach of Ring Camera Users
Ring users are raising alarms after receiving unauthorized login alerts, all dated May 28, 2025. Despite growing concerns, Amazon-owned Ring insists the issue stems from a backend bug—not a breach.
Over the past week, numerous users reported receiving notifications that their accounts had been accessed from unfamiliar devices across the globe. The consistent timestamp—May 28—sparked fears of a coordinated compromise.
In response, Ring representatives acknowledged the issue but dismissed breach concerns. “We are aware of a bug causing previous login dates to incorrectly display as May 28, 2025,” the company stated. An update on the Ring Status Page clarified that the alerts were triggered by a backend update that caused incorrect data to appear in users' Control Center.
“We have no reason to believe that customer accounts were actually accessed without authorization,” read the official statement.
Users Question Amazon’s Explanation
Despite Amazon’s reassurances, many users remain skeptical. Reports have surfaced of unfamiliar devices, odd IP addresses, and login locations—some from countries users say they've never visited—appearing in the list of authorized devices.
“Your ‘bug’ is absolute nonsense. I don’t know any ‘Derbhile’—is she somehow connected to our Ring camera or family? Just admit you were hacked,” one user posted on X, sharing a screenshot showing a login from “derbhile’s iPhone.”
Another user added:
“Funny how you call this a ‘bug’ when one of the logins into my account that day was from Spain—and I live in Texas. This doesn’t look like a bug or a login from a ‘previous device.’ I’ve never been to Spain.”
Suspicions of a Cover-Up
Frustration is growing because the issue—first described as a minor display bug—has persisted for days. If it were truly a backend error, users argue, why are the alerts still appearing?
More troubling are firsthand accounts of suspicious activity:
- Some users say they received real-time access notifications, even when no one in their household had logged in.
- Others claim they never got security alerts or two-factor authentication (2FA) prompts when new devices appeared.
Amazon Doubles Down
When Bleeping Computer reached out for clarification, Amazon maintained its original position: the devices and IPs users are seeing are historical entries—possibly linked to shared accounts or outdated hardware.
The company did not address the ongoing nature of the alerts or explain the presence of login records from entirely unknown regions.
Despite this, the official line remains unchanged: no breach occurred, and no unauthorized access was detected.
Key Takeaways
- Multiple Ring users reported unauthorized logins dated May 28, 2025.
- Amazon blames a backend bug, not a security breach.
- Users are seeing foreign devices and IPs, some tied to unfamiliar names or locations.
- Amazon says these are remnants of past logins or shared devices, but many remain unconvinced.
- The delay in resolving the issue—and the lack of clear communication—has only fueled suspicion.
This incident underscores growing concerns about smart home security, transparency, and whether tech companies are forthright when something goes wrong. Whether Ring's explanation holds or this evolves into something more serious remains to be seen—but trust, once shaken, is difficult to restore.
