Tania Amador of Grand Prairie, Texas, awoke on Monday to an alarm and a sinister voice speaking to her through her Ring device.
“This is Ring support,” the voice said, laughing.
Then the hacker got to business. “We would like to notify you that your account has been terminated by a hacker,” the voice said, according to local ABC affiliate WFAA, which reviewed the Ring camera’s footage. “Pay this 50 Bitcoin ransom or you will get terminated yourself.”
According to WFAA, the hacker then took control of the 28-year-0ld woman’s doorbell camera then said, “I’m outside your front door.”
“Very scary to hear a threat shouted over the camera for a ransom,” Amador told WFAA. “The fact that the person was watching and we don’t know for how long is even scarier.”
But Amador did not pay the Bitcoin bounty, worth about $400,000. Instead, she simply took the batteries out of her Ring.
This is just one example to come to light recently of hackers speaking to Ring users through their devices. In once instance in Tennessee, someone sang “Tiptoe Through the Tulips” to an 8-year old girl, before telling her, “It’s Santa. It’s your best friend.” In another incident in Florida, a hacker shouted racial slurs.
Ring did not immediately respond to a Gizmodo request for comment. A company spokesperson told WFAA that Ring owners’ emails and passwords are often stolen in third-party breaches because people often use the same passwords for multiple accounts—suggesting this is likely what happened to Amador.
Amador told WFAA she doubts this is what happened since she uses a unique 21-character password for her Ring account. She said was also surprised to discover that Ring, which is owned by Amazon, doesn’t lock someone out of an account after they make several wrong password attempts.
This week, Motherboard published a report about cheap software that allows hackers to gain access to Ring cameras, detailing how pervasive the problem of Ring hacking has become.
A Gizmodo investigation published on Monday found that Ring’s companion crime-alert app, Neighbors, often transmits the approximate location of Ring cameras when a user posts Ring videos to the app, making it trivial for technical users to find a user’s physical address.
Amador’s boyfriend, who works in IT, requested all Amador’s Ring user data by filing a police report.
“I felt betrayed by our security company,” Amador told WFAA. “I feel like we were treated like another dollar and that we didn’t matter.”
Amador has kept the devices off since the unsettling incident. “Everything is shut off and until there is a safer alternative, we don’t want to keep using Ring,” Amador told WFAA. “At the time there is no trust in the company.”
All Ring advisers should keep in mind that the best way to prevent people from accessing their device is to never use a Ring camera.