Hackers gain access to Administrative accounts of camera maker Verkada, gains access to live camera footage of thousands of businesses

According to one of the hackers who was involved in the breach, a small group of hackers were able to view live and archived surveillance footage from hundreds of businesses including that of Tesla Inc over the past two days. Hackers gained access to live footage after gaining administrative access to camera maker Verkada.

Tillie Kottmann, a Swiss software developer who shot to fame after finding security flaws in mobile apps and in other systems, shared screenshots of a Tesla warehouse in California on Twitter. He also shared screenshot of an Alabama jail on Twitter.

While Kottmann declined to name other members of the hacking group, he said, the purpose of the sharing the screenshots was to draw attention to the pervasive monitoring of citizens. The hackers found login information for Verkada’s administrative tools online.

Verkada acknowledged an intrusion, saying it had disabled all internal administrator accounts to prevent unauthorized access.

“Our internal security team and external security firm are investigating the scale and scope of this issue, and we have notified law enforcement” and customers, said the company.

Kottmann went on to add, if the intent of the group was malicious, it could have used the access to see parts of the Tesla’s facilties along with those of Cloudflare Inc and Okta Inc.

Neither Tesla, Cloudflare or Okta immediately responded to requests for comments.

A list of Verkada user accounts provided by the hacking group includes thousands of organizations, including gym chain Bay Club and transportation technology startup Virgin Hyperloop.

Neither Madison County Jail in Alabama, Bay Club or Virgin Hyperloop immediately responded to requests for comments.

Verkada has mentioned on its website that it has more than 5,200 customers, including cities, colleges and hotels. Its cameras have proved popular because they pair with software to search for specific people or items. Users can access feeds remotely through the cloud.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s