Mar 9, 2021 - Technology

Bloomberg: Hackers breach 150,000 cameras tied to hospitals, prisons, schools

A security camera points at a computer cursor against a red backdrop

Illustration: Sarah Grillo/Axios

An international hacking group gained access to around 150,000 live-feed security cameras developed by startup Verkada used inside hospitals, companies, police departments, prisons and schools around the world, Bloomberg News reported Tuesday.

Why it matters: The hackers were able to view and copy video from inside multiple health centers, schools, prisons and companies, including carmaker Tesla and software provider Cloudflare.

What they're saying: “We have disabled all internal administrator accounts to prevent any unauthorized access,” a Verkada representative said in a statement, according to Bloomberg.

  • “Our internal security team and external security firm are investigating the scale and scope of this potential issue.”

Context: The group carried out the breach to show the pervasiveness of surveillance and how security systems can be taken advantage of, according to Tillie Kottmann, one of the hackers who claimed credit for the attack, per Bloomberg.

The big picture: The exposed footage reviewed by Bloomberg included hospital staffers tackling and pinning a man to a bed in Halifax Health Medical Center in Florida and officers in a police station in Stoughton, Massachusetts, questioning a handcuffed person.

  • Another video showed workers on an assembly line inside a Tesla warehouse in Shanghai, China.
  • A member of the hacking group told Bloomberg it also gained access to the security cameras in Sandy Hook Elementary School in Newtown, Connecticut, and in Madison County Jail in Huntsville, Alabama.

How it works: The group breached Verkada by finding a user name and password for a company administrator account that had been exposed on the internet.

  • The hackers then used that account to view the cameras of all of Verkada's customers, according to Bloomberg.
Go deeper