Silicon Valley startup Verkada Inc. was saw its 150,000 security cameras breached by hackers, exposing live footage from a variety of enterprise customers, including Tesla, reports Bloomberg.
Both live and video archives were breached, exposing footage belonging to Verkada customers, which includes schools, hospitals, jails, police departments and more.
“Another video, shot inside a Tesla warehouse in Shanghai, shows workers on an assembly line. The hackers said they obtained access to 222 cameras in Tesla factories and warehouses,” reports Bloomberg.
One of the hackers who claimed credit for hacking into Verkada, said it was performed by an international group, to show how broad video surveillance is and how vulnerable systems are.
Tillie Kottmann told Bloomberg the hacks took place due to “lots of curiosity, fighting for freedom of information and against intellectual property, a huge dose of anti-capitalism, a hint of anarchism — and it’s also just too much fun not to do it.”
In response to the hack, Verkada says it has “disabled all internal administrator accounts to prevent any unauthorized access,” adding, “our internal security team and external security firm are investigating the scale and scope of this issue, and we have notified law enforcement.”
Hacker said they gained access via a ‘Super Admin’ account, found via credentials publicly exposed on the World Wide Web.
Hackers had access to a variety of video feeds, including cameras from one Verkada employee’s home, and even the offices of Cloudflare.
“If you are a company who has purchased this network of cameras and you are putting them in sensitive places, you may not have the expectation that in addition to being watched by your security team that there is some admin at the camera company who is also watching,” added Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation.
