A hacker group claims to have broken into the networks of cloud-based surveillance startup Verkada, giving them unfiltered access to thousands upon thousands of live security camera feeds.
The hack first got public attention on Tuesday afternoon when a Twitter user named “Tillie” began leaking alleged images of the hack on the Internet: “Have you ever wondered what a @Tesla warehouse looks like?” the hacker joked, dangling a photo of what appears to be an industrial facility.
Tillie, who goes by the full name of Tillie Kottmann and uses these pronouns, is reportedly part of an international hacker collective responsible for the Verkada violation, according to a report from Bloomberg. Once inside, the hackers were able to use the company’s security feeds to peek into the inner workings of throngs of organizations, including medical facilities, psychiatric hospitals, prisons, schools and police departments, and even large corporations like Tesla, Equinox and Cloudflare. The scope of the hack seems enormous.
Among other things, Kottmann suggested on Tuesday that they could have used their access to Verkada to hack Cloudflare CEO Matthew Prince’s laptop:
G / O Media can receive a commission
The hacker group has attracted a striking amount of public attention by calling the burglary campaign ‘Operation Panopticon’ and claiming that ‘End surveillance capitalismBy drawing attention to the ways in which ubiquitous surveillance is dominating people’s lives. The group seems to be going nicknamed “Arson Cats” and also calls himself one ‘APT regarding the way threat groups are labeled as “advanced persistent threats” by security research firms.
According to Bloomberg, “Arson Cats” gained access to the company through a pretty big security blunder: the hackers discovered a password and username for a Verkada administrative account that had been made public on the Internet. In a Twitter post, Tillie reiterated this to Gizmodo, claiming that once they compromised the administrator account (called a “super administrator”), they were able to connect to any of the 150,000 video feeds in Verkada’s library.
“The access we had allowed us to impersonate any user of the system and access their view of the platform,” the hacker said, further explaining that the “super administrator rights also gave us access to the root shell with at the click of a button. “
When asked if there was a political message behind the hack, Tillie said part of it was the fact that they hated “surveillance capitalism”:
“Yes, I think I hate capitalism in general, and surveillance capitalism in particular is a terrible and disgusting part of that,” said the hacker. “However, the insight that we have access to these camera feeds has also given us a very interesting way to see things that we all know are happening behind closed doors, but that we usually never get to see.”
At the time of publication, representatives of Verkada were not available for comment. Emails sent to Tesla and Equinox have not yet been answered. A Cloudflare representative sent the following message:
This afternoon we were warned that the Verkada security camera system guarding the main access points and main avenues in a handful of Cloudflare offices may have been compromised. The cameras were located in a handful of offices that have been officially closed for several months. As soon as we became aware of the compromise, we turned off the cameras and disconnected them from the office networks. To be clear, this incident does not affect Cloudflare’s products and we have no reason to believe that an incident involving security cameras in the office would impact customers.