According to a media report, hackers tapped 150,000 surveillance cameras from a US company in hospitals, prisons, schools and police stations, among other places. Companies such as the electric car manufacturer Tesla and the IT security company Cloudflare were also affected, as the financial service Bloomberg reported on Wednesday night. The hackers presented images from the Tesla site in Shanghai. The Californian startup Verkada, from which the cameras come, told Bloomberg in an initial reaction that they were investigating “the extent of the potential problem”.
It happens again and again that pictures are tapped by cheap security cameras for the household – especially if the users do not replace the preset standard passwords of the devices – that a company with large customers is hacked that advertises with more security through facial recognition , on the other hand, is exceptional.
According to Verkada, the system can warn, for example, if a certain person comes into view of the cameras. When investigating incidents, customers could also search for the color of clothing or gender characteristics, says Verkada on the company’s website. The image recognition can read car license plates, among other things. In the corona pandemic, the company introduced a function that sounds the alarm if more people than allowed gather in one place.
Also interesting: facial recognition software is getting better and better with masks
Even hospital cameras tapped
The hackers demonstrated the report after recordings from a Bloomberg Massachusetts State Police Department, Alabama Prison and Florida Hospital. In the prison they managed to tap 330 cameras. At Tesla there were 222 cameras. They would also have gained access to the Verkada customers’ video archive. It is rather unusual that stored internal recordings are not exclusively accessible to the company or the institution itself.
The hackers said they found access data for you Administrator account with extensive access, publicly available on the Internet. As a “super administrator” you could tap into a large number of cameras. The hackers lost access after Bloomberg made a request to the company on the subject.
The hackers provided Vice magazine with a list of Verkada -Customers available. The 24,000 entries also include bars, shops, apartment buildings, churches, airports and universities in the US and Canada, Vice wrote. dpa