Amazon has revealed that it has fired four employees over the past four years for improperly accessing customer data.
In November, five US senators sent Ring a letter with questions about its data retention and data deletion practices, data security measures and employee access to stored data.
Ring responded to the letter on Monday, the same day it unveiled new privacy and security measures at the CES show in Las Vegas. The new measures include requiring two-factor authentication for new products.
In the letter, Ring said that it started alerting customers when new devices access their account and when their passwords have been stolen in breaches from other sites.
Unfortunately, US Senator Ron Wyden was far from impressed, saying: “Requiring two-factor for new accounts is a step in the right direction, but there are millions of consumers who already have a Ring camera in their homes who remain needlessly vulnerable to hackers.
“Amazon needs to go further – by protecting all Ring devices with two-factor authentication.”
In the letter, Ring disclosed how four employees were fired for improperly seeking access to customer data over the past four years.
“Although each of the individuals involved in these incidents was authorised to view video data, the attempted access to that data exceeded what was necessary for their job functions,” said Brian Huseman, Amazon’s vice president of public policy, in the letter.
Huseman added that in addition to investigating and firing the employees, Ring has taken “multiple actions” to limit data access to a smaller amount of employees.
The letter does not disclose what customer data was accessed, how many employees were involved, or how many of them successfully accessed them.
“We take the protection of customer data very seriously and are always looking for ways to improve our security measures,” Ring said in a statement.
Currently, Ring is facing both a federal and class action lawsuit for failing to protect its users.
The post #Privacy: Amazon reveals it fired four employees for improper access to user video data appeared first on PrivSec Report.