Thousands of security cameras, including in jails and even Tesla offices, hacked

News
By
published

Some of the hacked Verkada cameras featured facial recognition

Security camera
(Image credit: Pixabay)

Hackers have breached startup Verkada and gained access to live feeds and archives of over 150,000 of its security cameras.

The California firm provides cloud-based security camera services to several companies and institutions around the world, including the likes of Tesla, Cloudflare and Equinox gyms, alongside hospitals, jails, schools, and police stations.

Tillie Kottmann, one of the members of the international hacker collective that claims credit for the breach, told Bloomberg that the hack was meant to show how easy it is to break into Verkada.

Glimpse of the world

Kottmann told Bloomberg that the hack was relatively simple. The group found the credentials of an administrator account on the Internet that worked and gave them access to the cameras.

The hackers shared glimpses of the feeds, including one from inside a hospital where workers tackled and pinned a man to a bed, while another showed police officers questioning a man in handcuffs. 

A couple of the feeds, one from inside a jail and another from Cloudflare’s offices, even had facial recognition functions. Using facial recognition cameras inside offices is a hotly debated topic that riles up privacy advocates. 

“While facial recognition is a beta feature that Verkada makes available to its customers, we have never actively used it nor do we plan to,” Cloudflare said in a statement following news of the breach at Verkada.

In addition to the live feeds, the group also claimed to have gained access to the full video archive of all of Verkada’s customers. 

After news of the breach was shared with Verkada, the company disabled administrator accounts and the hackers lost access to the video feeds and archives, confirmed Kottmann.

While Verkada reviews its security processes, it must also consider the prudency of having admin accounts that have access to their entire repository of security cameras.

Via: Bloomberg

Mayank Sharma
Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.