Verkada facial recognition camera hack prompts security, ethics concerns
Verkada facial recognition camera hack prompts security, ethics concerns
Embedded Files
Occurred: March 2021
Report incident ๐ฅ | Improve page ๐ | Access database ๐ข
Hackers breached facial recognition camera company Verkada, prompting concerns about its security, privacy, transparency and integrity.
Carried out by a hacker collective which aimed to show the pervasiveness of video surveillance and the ease with which systems could be broken into, the breach involved gaining access to Verkada through a 'Super Admin' account, thereby allowing the hackers to view the cameras of all of its customers.
The hackers gained access to live and archived footage of over 150,000 cameras inside the firm's customers facilities across the world, including Tesla factories, hospitals, schools, police stations, as well as those in its own offices.
The hackers also acquired a customer list containing over 24,000 unique organisations.
The incident prompted investigations by authorities, including the US Federal Trade Commission (FTC) and US Department of Justice, into Verkada's security practices and marketing claims.
โ April 2021. Verkada CEO Filip Kaliszan announced measures to improve security, including red team/blue team exercises, a bug bounty program, mandatory two-factor authentication use by Verkada support staff, and the sharing of more audit logs with Verkada customers.
โ August 2024. The FTC announced it would require Verkada to develop and implement a "comprehensive" information security programme.
โ September 2024. The US Department of Justice announced it would sue Verkada for violating the CAN-SPAM Act.
Operator: Verkada; Tesla; Cloudflare; Halifax Health
Developer: Verkada
Country: USA
Sector: Automotive; Govt - police; Govt - justice; Education; Health; Technology
Purpose: Strengthen security; Identify individuals
Technology: Facial recognition; Machine learning
Issue: Privacy; Security; Transparency
Legal, regulatory ๐ฉ๐ผโโ๏ธ
Legal, regulatory ๐ฉ๐ผโโ๏ธ
Department of Justice. USD 2.95M Penalty and Permanent Injunction Resolves Lawsuit Against Verkada Inc. for Alleged Unlawful Commercial Emails, Data Security Failures and Deceptive Practices
Federal Trade Commission. FTC Says Surveillance Camera Company Verkada Has A Lotta Explaining To Do After Lax Data Security Practices and More
Page info
Type: Issue
Published: March 2021
Page updated
Google Sites
Report abuse