Ring denies security breach amid user reports of suspicious logins

Ring users recently experienced alarming security alerts showing unauthorized logins from unfamiliar devices and locations, sparking concerns about potential account breaches. The company insists these warnings resulted from a backend update glitch that incorrectly displayed login dates as May 28, 2025, rather than indicating actual unauthorized access.

On social media and support forums, customers reported seeing suspicious devices, some with unfamiliar names like “derbhile’s iPhone”, along with IP addresses from countries they’ve never visited. While Ring maintains these were legacy logins from previously authorized devices, many users remain skeptical. One customer noted a login from Spain despite never traveling there, while others claimed their live feeds were accessed without household members opening the app.

Ring’s status page acknowledged the issue stemmed from a backend update and assured users their accounts weren’t compromised. However, the delayed resolution, with errors persisting days later, fueled frustration. Critics argue that if this were merely a display bug, reversing the update should have been straightforward.

Security experts recommend affected users take proactive steps:

• Review authorized devices in the Control Center and remove any unrecognized entries.
• Change account passwords and enable two-factor authentication for added protection.

Amazon later clarified that the displayed IPs and devices were tied to past logins, including shared credentials or old devices. Still, the lack of transparency around why unrelated locations and device names appeared has left many questioning Ring’s explanation. Until a fix fully rolls out, vigilance remains crucial for users monitoring their home security systems.

[Update: Amazon confirmed the inaccuracies were caused by a backend update, with no evidence of unauthorized access.]

(Source: BLEEPING COMPUTER)