If they have a hash, but there is no indication this is due to a breach of Amazon but likely people getting viruses by installing EXE porn and what not.
You would think so, but, it seems that rainbow tables are surprisingly effective, so that tells you that a lot of corporations -I suspect IoT are the worst offenders- are on low-sodium diets.
Do you have a source for rainbow tables are surprisingly effective?
I was actually under the impression that they're generally overhyped and not useful in most situations.
Even if most IoT companies don't use per-user salts, Ring is one of the most respected ones, since it's run by Amazon. So it likely has salts.
Actually, thinking about this more, I don't think rainbow tables are useful here even without per-user salts. The purpose of rainbow tables is to be a storage optimization, so that you can use less storage than a hash table, while still having a lot of the benefits of a hash table. But this specific use case discussed here is "passwords compromised in non-Ring breaches", for which there is enough storage for a hash table. So a rainbow table provides no benefit over a hash table.
For more information on what rainbow tables are read this (note that the first page doesn't even explain rainbow tables, you have to click part 2 at the bottom to get to the actual explanation of rainbow tables):