A report of Bloomberg says the hackers breached the security of Verkada, a corporate video surveillance company, and were able to access live feeds from more than 150,000 cameras. The reporter contacted the hackers, who said they had access to hundreds of cameras at Tesla’s facilities, as well as other companies like Cloudflare.
In a statement, a Verkada spokesman said: “We have disabled all internal administrator accounts to prevent any unauthorized access. Our internal security team and external security company are investigating the scale and scope of this issue and we have notified the authorities . “
Hackers said they lost access after Bloomberg contacted the company, but it initially entered through a “Super Admin” login that was exposed on the Internet and then used built-in camera features to obtain root access and remote control. Motherboard had previously reported on Verkada employees who used surveillance cameras in their own office to harass other people and take pictures of the women they worked with, and now have obtained a spreadsheet from the hackers identifying 24,000 organizations that may be using their cameras.
Verkada
On its website, Verkada touts its ability to provide secure remote access to camera feeds, “providing real-time visibility of events across all sites”. It also announces “video analysis” that can rely on facial recognition, identification and vehicle tracking using technology integrated directly into the cameras. One of the people in the group behind the rape said Bloomberg that this incident “exposes how widely we are being watched, and how little care is put into at least protecting the platforms used to do this, seeking nothing but profit.”