Site icon Wonderful Engineering

Cloud-based Security Startup Gets Hacked, Exposes 150,000 Cameras, Including In Tesla Factories

Security startup Verkada hack exposes 150,000 security cameras in Tesla factories, jails, and more

A considerably giant security breach for a cloud-based security service of the Silicon Valley.

Verkada is a Silicon Valley startup that gives cloud-based security camera services. It went through a massive security breach. 150,000 Verkada installed cameras were hacked, including cameras installed in Tesla warehouses and factories, Cloudflare offices, Equinox gyms, jails, hospitals, police stations, schools, and even the ones installed in the Verkada’s offices.

A statement came out from the hackers after the successful hack. Tillie Kottman is one of the international hacker collective members, and he said that the hack was done to show how easy it is to breach the Verkada’s system, which then enabled to hack all of its installed cameras. The hackers didn’t only gain control over the company’s cameras’ live feed but also gained access to clients’ full video archive database.

Verkada Inc. security cameras on the company’s headquarters in San Mateo, California, U.S., on Wednesday, March 10, 2021. A group of hackers say they breached a massive trove of security-camera data collected by Silicon Valley startup Verkada Inc., gaining access to live feeds of 150,000 surveillance cameras inside hospitals, companies, police departments, prisons, and schools. Photographer: David Paul Morris/Bloomberg

In a statement to Bloomberg, a Verkada official said: “We have disabled all internal administrator accounts to prevent any unauthorized access. Our internal security team and external security firm are investigating the scale and scope of this potential issue.” Following Bloomberg’s request to Verkada, the group lost passage to both its archives and live feeds.

Seemingly, hackers easily hacked the systems and said that they managed to gain control over ‘super-admin’ level access to Verkada’s database by using account login credentials that they found over the web. Once getting hold of the password and login, the hackers could reach the company’s complete network. It included root access to the cameras, which enabled them to access Verkada’s customer’s internal networks.

Verkada boasts itself with its services of internet-connected security cameras aiming to provide silicon valley with a ‘software first approach’ to lay down security services smooth and modern, just like the functioning of the companies they aim to protect. The cloud-connected cameras come with a modern web-based layout for companies to overlook their offered feeds and facial recognition software.

Verkada has been under pressure previously for accusations of sexism and discrimination because of a 2019 incidence occurring. The news recorded that Verkada’s sales director was involved in secretly photographing and harassing female co-workers. Later, those images were posted on the company’s slack chat. The CEO’s response on this was even worse, and he offered members of the Slack chat to either leave the company or have their stock options cut.

Verkada’s list of clients is pretty extensive; along with hacking into the companies like Tesla and Cloudflare, the hacking group obtained access to Verkada cameras installed at Halifax Health, a hospital in Florida, Newtown Sandy Hook Elementary School, Madison County Jail, and a lot of other organizations. Along with the camera footage, the hacking group said they easily accessed the entire list of the company’s thousands of customers and private financial information.