Ring denies breach after users report suspicious logins

Ring is warning that a backend update bug is responsible for customers seeing a surge in unauthorized devices logged into their account on May 28th. On May 28th, many Ring customers reported seeing unusual devices logged into their accounts from various locations worldwide, leading them to believe their accounts had been hacked. Last week, Ring posted to Facebook stating that they are aware "of a bug that incorrectly displays prior login dates as May 28, 2025." Ring also updated its status page to say that these unauthorized logins are caused by a bug in a backend update that was released. "We are aware of an issue where information is displaying inaccurately in Control Center," reads Ring's status page. "This is the result of a backend update, and we're working to resolve this. We have no reason to believe this is the result of unauthorized access to customer accounts." These false login entries were all dated May 28, 2025, which lends some weight to Rings statement that this was a backend issue rather than a global hacking incident. However, customers are not buying Ring's explanation, reporting that they saw unknown devices, strange IP addresses, and countries that they never visited listed in their Authorized Client Devices list, so they couldn't be previous logins. "Absolute bollocks with your 'bug' I don't even know Derbhille or is she anyway associated with our ring camera or family? Just admit you've been hacked and yous are gonna amend this," a customer posted to X, while sharing a screenshot of login from a device named "derbhile's iPhone." "I find it interesting that it's just a "bug" yet one of my several unknown logins from that date was a log in from Spain… I'm in Texas so doesn't seem like just a bug or log ins on prior devices because I can assure you I have never been to Spain," another customer posted to Facebook. The sense that Amazon is hiding an actual security incident is further enhanced by the fact that a backend update should be easy to reverse. Yet, three days later, people are still seeing logins from devices they don't recognize. To make matters worse, some users report seeing live view activity during times when no one in the household has accessed the app, and others report not receiving security alerts or multi-factor authentication prompts when new devices are added. User reports on Facebook Source: BleepingComputer While this could be a bug displaying incorrect device names and logins, Ring should clearly state this, as it has instead stated that it was the user's previous logins. BleepingComputer contacted Ring to inquire about the situation and why people are seeing devices and countries that they have never owned or been to, and thus cant be previous logins. Ring users should review authorized devices from the app's Control Center > Authorized Client Devices section. If any devices or logins are not recognized, they should be removed immediately. It would also be prudent to change your account password and enable two-factor authentication from the Account Settings. BleepingComputer will update our story with any response we receive from Ring.