Security startup Verkada has suffered a cyberattack, giving hackers access to more than 150,000 security cameras located in sites such as prisons or car factories.
Cyber attacks are more present than ever; We already saw it last Tuesday with the ransomware hacking located in some countries that attacked the SEPE. Now it is the turn of Verkada, a startup focused on U.S. security that has suffered a fairly serious hack affecting its security cameras.
Specifically, more than 150,000 cameras have been affected, to which hackers have gained access due to a security breach. The attackers managed to access security cameras located in all kinds of places, even managing to view cameras installed in Tesla factories and Cloudflare offices.
According to Bloomberg, which collects the testimonies of one of the members of the hacker collective that attacked Verkada’s system, the idea behind this attack was to show how easily this company’s security cameras can be hacked.
Security cameras hacked
Tillie Kottman, the member in question, explains that the intention was not to attack the cameras as such to harm the company but, once again, to shed light on the relevance of the security problems of the company’s devices. A company representative has already assured us that they are taking action on the matter.
They have prevented any illicit access by “disabling internal administration accounts”. Verkada’s security team is already “investigating the scale and scope of this problem”. But how did the hackers manage to break into the camera system?
Precisely through these accounts. They gained administrator-level access to Verkada’s system, using login credentials they found publicly on the Internet. Once inside, they had the entire Verkada system at their disposal to subsequently access the camera networks.
Cameras, by the way, located in Tesla factories and even in hospitals and technological and health institutions. As if that were not enough, in addition to the images from the security cameras, the group claims that they were able to access the complete list of the startup’s customers, including the financial information of these companies’ agreements.
Seeing the number of Verkada’s clients, we quickly realize the magnitude of the problem, since companies such as Tesla, Cloudflare, hospitals, prisons, etc. are involved. While it is true that the group of hackers had no intention of directly attacking Verkada’s system, this fact shows how necessary it is for companies to invest in cybersecurity.