Security cameras of surveillance company Verkada has been accessed by a group of hackers and live feeds from over 150,000 security cameras were exposed, including those situated in prisons, hospitals, schools, police stations, and Tesla factories.
Besides images captured from the cameras, the hackers also shared screenshots of their ability to gain root shell access to the surveillance systems used by Cloudflare and at Telsa HQ.
The hackers gained access to these surveillance systems using a super admin account for Verkada and the Silicon Valley startup disabled all internal administrator accounts to prevent further access. The hackers were reported to have access to the full video archive of all Verkada customers.
Verkada has described itself as bringing “the ease of use that consumer security solutions provide, to the levels of scale and protection that businesses and organizations require”.
The hackers claimed responsibility for the incident and stated that the breach was intended to show the pervasiveness of video surveillance and the ease with which systems could be broken into.
The company stated that their internal security team and external security firm are investigating the scale and scope of the issue, and that they have notified law enforcement.
Verkada makes enterprise security systems such as automation and IoT surveillance camera and has over 5,200 customers, including Cloudflare, Equinox, the Salvation Army, and Tesla. The customers of the company have been notified regarding the issue.