A group of hackers allegedly breached Verkada, a provider of enterprise security software and hardware, gaining access to live feeds of 150,000 security cameras, according to a Bloomberg report.
An international collective of hackers accessed video from Tesla, Cloudfare, schools, hospitals, prisons and thousands of other organizations, according to the report.
Hackers managed to gain โSuper Adminโ-level access to Verkadaโs system using a username and password it found publicly on the internet. From there, the members were able to access the entire companyโs network, including root access to the cameras themselves, which, in turn, allowed the group to access the internal networks of some of Verkadaโs customers.
In addition, hackers were able to view video from inside womenโs health clinics, psychiatric hospitals and the offices of Verkada itself. Some of the cameras, including in hospitals, use facial-recognition technology to identify and categorize people captured on the footage. The hackers say they also have access to the full video archive of all Verkada customers, according to Bloomberg.
In a video seen by Bloomberg, a Verkada camera inside Florida hospital Halifax Health showed what appeared to be eight hospital staffers tackling a man and pinning him to a bed. Halifax Health is featured on Verkadaโs public-facing website in a case study entitled: โHow a Florida Healthcare Provider Easily Updated and Deployed a Scalable HIPAA Compliant Security System.โ
Another video, shot inside a Tesla warehouse in Shanghai, shows workers on an assembly line. The hackers said they obtained access to 222 cameras in Tesla factories and warehouses, according to Bloomberg.
The report cites a statement from Tillie Kottmann, said to be one of the hackers who claimed credit for breaching Verkadaโs networks. Kottmann said the collectiveโs actions were intended to show the pervasiveness ofย video surveillanceย and the ease with which systems could be broken into.
Kottmann previously claimed credit for hacking chipmaker Intel Corp. and carmaker Nissan Motor Co. Kottmann said the groupโs reasons for hacking are โlots of curiosity, fighting for freedom of information and against intellectual property, a huge dose of anti-capitalism, a hint of anarchism โ and itโs also just too much fun not to do it.โ
In a statement to Bloomberg, a Verkada representative said: โWe have disabled all internal administrator accounts to prevent any unauthorized access. Our internal security team and external security firm are investigating the scale and scope of this potential issue.โ
Founded in 2016, Verkada, based here, sells security cameras that end users can access and manage through the web. In January 2020, it raised $80 million in venture capital funding, valuing the company at $1.6 billion.
This article originally appeared on our sister publication Security Sales & Integration‘s website.
