To demonstrate how pervasive video surveillance in today’s age is and the ease with which systems could be broken into, a group of hackers found their way into a massive collection of security-camera data collected by Silicon Valley startup Verkada Inc. They gained access to live feeds of 1,50,000 surveillance cameras inside hospitals, companies like Tesla automakers, police departments, prisons, and schools.
According to a report by Bloomberg, the data breach was carried out by an international hacker collective on Monday, and one of their hacked videos revealed surveillance footage shot inside a Tesla warehouse in Shanghai. The video shows workers on an assembly line. The report mentions that the hackers said they obtained access to 222 cameras in Tesla factories and warehouses.
Another video that was accessed by the hackers showed a Verkada camera inside Florida-based hospital Halifax Health that showed eight-hospital staffers tackling a man and pinning him to a bed. The report mentions that a few of the cameras they have had access to use facial-recognition technology to identify and categorize people captured on the footage, including in hospitals. The hackers say they also have access to the complete video archive of all Verkada customers.
Speaking to Bloomberg, one of the hackers, Tillie Kottmann, said that their reasons for hacking stems from lots of curiosity, fighting for freedom of information and against intellectual property. They further mentioned that they are also inspired by a huge dose of anti-capitalism, a hint of anarchism and the idea is also just too much fun not to do it. Kottmann has earlier claimed credit for hacking into the systems of chipmaker Intel Corporation and carmaker Nissan Motor company. Kottmann further said that their exposes just how widely people are being surveilled, and how little care is put into at least securing the platforms that are used to do so, pursuing nothing but profit. They also said that it is “wild” how they can just see the things we always knew are happening, but we never got to see.
Whereas, Verkada spokesperson said in a statement that they have disabled all internal administrator accounts to prevent any unauthorized access. The statement further read that their internal security team and external security firm are investigating the scale and scope of this issue, and they have notified law enforcement.