wordpress blog stats
Connect with us

Hi, what are you looking for?

Hackers breach thousands of cameras used by Tesla, schools, jails and prisons: Report

surveillance, cctv

Silicon Valley startup Verkada Inc, a closed-circuit TV and camera management platform, was hacked by a group of hackers, revealing thousands of hours of footage from over 150,000 surveillance cameras, Bloomberg reported. Some of the company’s clients, which includes hospitals, companies, police departments, prisons and schools, were using a facial-recognition tool to track and monitor their employee’s behaviour among other things.

Verkada provided its services to companies like Tesla, Cloudfare, Halifax Health and Madison County Jail in Alabama, all of whose camera feeds were compromised as part of the hack. The hackers claim to have access to the entire video archive belonging to all of Verkada’s clients. They said that the intention of the hack was to see how pervasive video surveillance is and the ease with which these systems could be compromised. The hackers found that Verkada had implemented a facial-recognition technology, which in the case of hospitals is used to identify and categorise people.

AI tools to monitor and analyse behavior

According to a blogpost by Verkada, one of the tools it offers clients’ is called ‘People Analytics’ through which they clients can “search and filter based on many different attributes, including gender traits, clothing color, and even a person’s face”. The report said that some of the cameras with facial-recognition technology inside the jail, in order to track inmates and correctional staff, were hidden inside vents, thermostats and defibrillators.

While Verkada’s clients may have requested for such technology to be integrated as part of their camera services, some clients may be unaware that in addition to their security teams’ employees of Verkada also had access to the same feeds, the report said. According to Vice, the facial-recognition technology appear to be basic functions of the camera and not add-ons. Verkada, itself, says that all of its cameras include “Smart Edge-Based Analytics” and that as a company they have been building artificial intelligence tools which allows for people detection, bounding boxes and heat maps. 

Tillie Kottmann, one of the hackers, who spoke to Bloomberg, said that the hacking group was able to obtain “root” access on the cameras through a “Super Admin” account for which, the user and password was publicly exposed on the internet. They were able to then use this access to pivot and gain access to the broader network of Verkada’s customers. They could hijack cameras and use them as a platform to launch future hacks, Kottman said.

Advertisement. Scroll to continue reading.

The company has tasked an internal team and an external security firm to investigate the incident, the report said. In a statement to Bloomberg, a Verkada spokesperson said that the company has disabled all internal administrator accounts to prevent any unauthorised access. “Our internal security team and external security firm are investigating the scale and scope of this issue, and we have notified law enforcement,” they said.

List of compromised entities

  • Access to 150,000 surveillance cameras
  • Halifax Health, a hospital in Florida
  • Tempe St. Luke’s Hospital in Arizona
  • A police station in Stoughton, Massachusetts
  • 222 cameras in Tesla’s warehouse in Shanghai
  • Sandy Hook Elementary School in Connecticut
  • Women’s health clinics and psychiatric hospitals
  • Wadley Regional Medical Center, a hospital in Texas
  • 17 cameras inside Graham County detention facility in Arizona
  • 330 security cameras inside the Madison County Jail in Alabama
  • Cloudflare offices in San Francisco, Austin, London and New York

The entire list of entities that may have been compromised in the hack include:

  • K-12 schools
  • Private residences marked as “condos”
  • Shopping malls
  • Credit unions
  • Multiple universities across America and Canada
  • Pharmaceutical companies
  • Marketing agencies
  • Pubs, bars and breweries
  • A Salvation Army Center
  • Churches
  • The Professional Golfers Association
  • Museums
  • A newspaper’s office
  • Airports

Also Read

Written By

Reports on banking, payments, fintech and crypto-curencies. Additional reporting on media regulations, data protection and other areas.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.

Views

News

India and US come to terms on how to deal with the equalisation levy in light of the impending Global Tax Deal.

News

Find out how people’s health data is understood to have value and who can benefit from that value.

News

The US and other countries' retreat from a laissez-faire approach to regulating markets presents India with a rare opportunity.

News

When news that Walmart would soon accept cryptocurrency turned out to be fake, it also became a teachable moment.

News

The DSCI's guidelines are patient-centric and act as a data privacy roadmap for healthcare service providers.

You May Also Like

News

Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...

Advert

135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...

News

Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...

News

By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Name:*
Your email address:*
*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ