A man in front of digital noise.

Chris Yang/Unsplash (CC-BY)

A Silicon Valley surveillance start-up was hacked—its cameras are everywhere

Hackers were able to access live video feeds inside of jails and even a Tesla plant.

 

Mikael Thalen

Tech

Posted on Mar 11, 2021   Updated on Mar 11, 2021, 1:39 pm CST

A group of hackers are reported to have gained access to thousands of Verkada surveillance cameras across the globe, allowing them to monitor live feeds from within hospitals, prisons, and even a Tesla warehouse.

As reported by Bloomberg this week, 150,000 surveillance cameras operated by the Silicon Valley startup company Verkada were exposed by an international hacking collective.

The hackers said they were able to access not only 222 surveillance cameras used by Tesla, but cameras inside of schools, police departments, psychiatric hospitals, women’s health clinics, and even Verkada’s own offices.

Some of the surveillance cameras were also found to be utilizing facial recognition technology.

The goal of the breach, according to Tillie Kottmann, a hacker involved in the targeting of Verkada, was to reveal how pervasive and vulnerable such surveillance systems can be.

Kottman further explained that the hack was also spurred by “lots of curiosity, fighting for freedom of information and against intellectual property, a huge dose of anti-capitalism, a hint of anarchism—and it’s also just too much fun not to do it.”

The breach was made possible after the hackers located a Verkada employee’s login credentials that were left publicly exposed online. The administrative account was designed to allow Verkada employees to gain remote access to any of its customers’ camera feeds.

Kottmann added that the hack “exposes just how broadly we’re being surveilled, and how little care is put into at least securing the platforms used to do so, pursuing nothing but profit.”

After learning of the exposure, Verkada said in a statement that it alerted law enforcement and “disabled all internal administrator accounts to prevent any unauthorized access” while its security team investigates the scale of the hack.

Although they have lost access to live feeds as a result, Kottmann said they were able to download Verkada’s customer list as well as a balance sheet.

Other cameras that the hackers accessed belonged to Verkada customers such as software provider Cloudflare, luxury gym chain Equinox, and Sandy Hook Elementary School in Newtown, Connecticut. One camera was even found inside the home of a Verkada employee.


Read more of the Daily Dot’s tech and politics coverage

EXCLUSIVE: Barry Loudermilk was instrumental in pushing Italian satellite conspiracy to top Republican
How accusations around a major NFT release sank it—and raised questions about an alleged NFT ‘ring’
EXCLUSIVE: Far-right organization in Maine obsessed with ‘grooming’ in schools accidentally platformed a convicted sex offender
TikTokers’ new conspiratorial obsession with elites being reptiles has a long, sordid past
EXCLUSIVE: ‘That’s the picture of him buying a gun’: Uvalde mass shooting suspect bought an AR-15 online last week
Sign up to receive the Daily Dot’s Internet Insider newsletter for urgent news from the frontline of online.
Share this article
*First Published: Mar 11, 2021, 1:21 pm CST