Morning Overview

The FBI says thieves are hijacking home-camera feeds through passwords you reused.

Thieves are breaking into home security cameras across the United States by reusing passwords stolen from email breaches, then weaponizing those feeds to livestream fake emergency responses and harass families through their own speakers. The FBI has issued multiple public service alerts warning that this attack chain, which starts with a single recycled password, is fueling a wave of swatting incidents. A federal grand jury has already indicted two defendants for allegedly taking over Ring doorbells nationwide using this exact method.

Recycled passwords are turning home cameras into weapons

The attack works because millions of people use the same password for their email and their smart-home devices. When email credentials leak in a breach, offenders test those logins against camera platforms. If the password matches, they gain full access to live video, stored recordings, and two-way audio. The FBI’s Internet Crime Complaint Center spelled this out directly: “customers who re-use their email passwords for their smart device” hand attackers the keys to their cameras and speakers.

Once inside, the offenders do not simply watch. They call in fake emergencies to the victim’s address, then hijack the camera feed to watch armed police arrive at the door. In some cases they use the device’s speaker to taunt both the homeowner and responding officers in real time. The result is a dangerous confrontation manufactured entirely through a recycled login.

The hypothesis that regions with higher email-breach notification rates would see measurable spikes in smart-home swatting calls within 60 to 90 days of breach disclosures is plausible but unconfirmed. No federal agency has published a dataset correlating specific email dumps to subsequent camera-account compromises. The FBI’s alerts describe the mechanism clearly, yet the raw breach-to-swatting pipeline has not been quantified in any publicly available report.

Federal indictments and FTC enforcement trace the password-reuse chain

The clearest evidence of how this plays out comes from a federal indictment in the Central District of California. According to the U.S. Attorney’s Office, a grand jury charged two defendants who acquired Yahoo email credentials and then checked whether victims used the same email and password combination for their Ring accounts. Between Nov. 7 and Nov. 13, 2020, the defendants accessed Ring devices to transmit audio and video while taunting victims and police officers responding to fake emergency calls.

That indictment confirmed what federal agencies had been warning about in broader terms. The FBI’s Portland Field Office explained that offenders use stolen email passwords to log into smart devices and hijack features including live-stream camera feeds. The agency repeated this guidance in a separate alert, urging “strong, unique passwords” and multi-factor authentication “on all devices and accounts, including smart home devices.”

Separately, the Federal Trade Commission documented how hackers exploited account vulnerabilities through credential stuffing and brute force attacks to access stored videos, live streams, and two-way audio on Ring cameras. The FTC also stated that Ring employees had illegally surveilled customers and that the company failed to stop hackers from taking control of users’ cameras. That enforcement action laid bare both the external threat from credential reuse and internal failures at the device manufacturer.

Gaps in public data and what camera owners should do now

Several questions remain open. No federal agency has released raw logs or breach-correlation data linking specific email dumps to subsequent Ring or smart-camera logins. There are no on-the-record statements from victims or device manufacturers confirming the exact password-reuse vectors described in the indictments beyond what prosecutors have alleged. And no primary-source dataset quantifies how many U.S. camera accounts were compromised through credential stuffing between 2023 and 2025.

The FBI’s most recent swatting alert, published in 2025, confirms that the threat has not faded. Threat actors continue to use compromised smart-home devices to target victims nationwide, and the bureau’s guidance has not changed: use a unique password for every account and enable multi-factor authentication everywhere it is available.

The FTC’s consumer guidance reinforces the same point in plain language: “don’t use a password that you’ve used before” because “default choices and reused passwords can be easy for hackers to find online.” The agency also recommends enabling two-factor authentication for any cloud account associated with a home security camera.

For anyone with a smart camera or video doorbell, the first practical step is straightforward. Open the camera app, change the password to something that is not used on any other account, and turn on two-factor authentication before closing the app. If the camera platform does not offer two-factor authentication, that gap itself is a reason to consider switching providers. The federal record shows that a single reused password is enough to turn a home security device into a tool for harassment, and the window between a breach and an account takeover can be disturbingly short.

More from Morning Overview

*This article was researched with the help of AI, with human editors creating the final content.