According to a media report, hackers tapped 150,000 surveillance cameras from a US company in hospitals, prisons, schools and police stations, among other places. Companies such as the electric car manufacturer Tesla and the IT security company Cloudflare were also affected, as the financial service Bloomberg reported on Wednesday night. The hackers presented images from the Tesla site in Shanghai.
Image: APA
The Californian start-up Verkada, from which the cameras come, told Bloomberg in an initial reaction that they were investigating “the extent of the potential problem”. It does happen again and again that pictures are tapped by cheap security cameras for the household – especially if the users do not replace the preset standard passwords of the devices. On the other hand, the fact that a company with large customers was hacked, which specifically advertised with more security through facial recognition, is extraordinary.
The hackers demonstrated to Bloomberg the report after footage from a police station in Massachusetts, a prison in Alabama and a hospital in Florida. In the prison they managed to tap 330 cameras. At Tesla there were 222 cameras. They would also have gained access to the Verkada customers' video archive. It is rather unusual that saved internal recordings are not only accessible to the company or the institution itself.
According to their own statements, the hackers found access data for an administrator account with extensive access that was publicly available on the Internet. As a “super administrator” you could tap into a multitude of cameras. The hackers lost access after Bloomberg made a request to the company on the subject.
