An international hacking group gained access to around 150,000 live-feed security cameras developed by startup Verkada used inside hospitals, companies, police departments, prisons and schools around the world, Bloomberg News reported Tuesday.
Why it matters: The hackers were able to view and expose video from inside multiple health centers, schools, prison and companies, including carmaker Tesla and software provider Cloudflare.
What they're saying: “We have disabled all internal administrator accounts to prevent any unauthorized access,” a Verkada representative said in a statement, according to Bloomberg.
- “Our internal security team and external security firm are investigating the scale and scope of this potential issue.”
Context: The group carried out the breach to show the pervasiveness of surveillance and how security systems can be taken advantage of, according to Tillie Kottmann, one of the hackers who claimed credit for the attack, per Bloomberg.
The big picture: The exposed footage reviewed by Bloomberg included hospital staffers tackling and pinning a man to a bed in Florida hospital Halifax Health and officers in a police station in Stoughton, Massachusetts, questioning a handcuffed person.
- Another video showed workers on an assembly line inside a Tesla warehouse in Shanghai, China.
- A member of the group told Bloomberg it also gained access to the security cameras in Sandy Hook Elementary School in Newtown, Connecticut, and in Madison County Jail in Huntsville, Alabama.
How it works: The group breached Verkada by finding a user name and password for a company administrator account that had been exposed on the internet.
- The hackers then used that account to view the cameras of all of Verkada's customers, according to Bloomberg.
The data breach follows last week's revelation of a new cyberattack against thousands of U.S. businesses and local governments through flaws in Microsoft's Exchange Server and the SolarWinds attack that surfaced late last year.