I see the IP of the device used to log in is back, but it only shows the first 2 octets.
If someone other than the account owner has the same ISP, and their gateway is the same as the account owner, there is no way to determine who the un-authorized user is.
For that matter, if the account owner initially logged in using a mobile cellular connection, their IP would change every time they re-connect the device to the cellular network.
Going forward, it would be useful if the ring devs add the fingerprint of the device, which would be more easily recognized by the account owner as their own [or not].