Thousands of security cameras, including in jails and even Tesla offices, hacked

Some of the hacked Verkada cameras featured facial recognition

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Hackers have breached startup Verkada and gained access to live feeds and archives of over 150,000 of itssecurity cameras.

The California firm provides cloud-based security camera services to several companies and institutions around the world, including the likes of Tesla, Cloudflare and Equinox gyms, alongside hospitals, jails, schools, and police stations.

Tillie Kottmann, one of the members of the international hacker collective that claims credit for the breach, toldBloombergthat the hack was meant to show how easy it is to break into Verkada.

Glimpse of the world

Kottmann toldBloombergthat the hack was relatively simple. The group found the credentials of an administrator account on the Internet that worked and gave them access to the cameras.

The hackers shared glimpses of the feeds, including one from inside a hospital where workers tackled and pinned a man to a bed, while another showed police officers questioning a man in handcuffs.

A couple of the feeds, one from inside a jail and another from Cloudflare’s offices, even had facial recognition functions. Using facial recognition cameras inside offices is a hotly debated topic that riles up privacy advocates.

“While facial recognition is a beta feature that Verkada makes available to its customers, we have never actively used it nor do we plan to,” Cloudflare said in a statement following news of the breach at Verkada.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

In addition to the live feeds, the group also claimed to have gained access to the full video archive of all of Verkada’s customers.

After news of the breach was shared with Verkada, the company disabled administrator accounts and the hackers lost access to the video feeds and archives, confirmed Kottmann.

While Verkada reviews its security processes, it must also consider the prudency of having admin accounts that have access to their entire repository of security cameras.

Via:Bloomberg

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics

This new phishing strategy utilizes GitHub comments to distribute malware

Arcane season 2 finally gave us the huge Caitlyn and Vi moment we’ve been waiting for – and its creators say ‘we couldn’t have done it in season one’