A group of hackers are reported to have gained access to thousands of Verkada surveillance cameras across the globe, allowing them to monitor live feeds from within hospitals, prisons, and even a Tesla warehouse.
As reported by Bloomberg this week, 150,000 surveillance cameras operated by the Silicon Valley startup company Verkada were exposed by an international hacking collective.
The hackers said they were able to access not only 222 surveillance cameras used by Tesla, but cameras inside of schools, police departments, psychiatric hospitals, women’s health clinics, and even Verkada’s own offices.
The goal of the breach, according to Tillie Kottmann, a hacker involved in the targeting of Verkada, was to reveal how pervasive and vulnerable such surveillance systems can be.
Kottman further explained that the hack was also spurred by “lots of curiosity, fighting for freedom of information and against intellectual property, a huge dose of anti-capitalism, a hint of anarchism—and it’s also just too much fun not to do it.”
The breach was made possible after the hackers located a Verkada employee’s login credentials that were left publicly exposed online. The administrative account was designed to allow Verkada employees to gain remote access to any of its customers’ camera feeds.
Kottmann added that the hack “exposes just how broadly we’re being surveilled, and how little care is put into at least securing the platforms used to do so, pursuing nothing but profit.”
After learning of the exposure, Verkada said in a statement that it alerted law enforcement and “disabled all internal administrator accounts to prevent any unauthorized access” while its security team investigates the scale of the hack.
Although they have lost access to live feeds as a result, Kottmann said they were able to download Verkada’s customer list as well as a balance sheet.
Other cameras that the hackers accessed belonged to Verkada customers such as software provider Cloudflare, luxury gym chain Equinox, and Sandy Hook Elementary School in Newtown, Connecticut. One camera was even found inside the home of a Verkada employee.
This week’s top technology stories
|A ‘deepfake’ of a vaping teen is at the center of a harassment case—but what if it’s not faked?|
|The media and big tech used to love each other—here’s how it all soured|
|The truth of QAnon has been staring us in the face all along|
|Clubhouse’s desire for exclusivity is harming the Deaf community|
|Will the U.S. finally get its act together on facial recognition laws?|
|Sign up to receive the Daily Dot’s Internet Insider newsletter for urgent news from the frontline of online.|