Hackers compromise Silicon Valley surveillance company, 150,000 government corporate cameras compromised

Hacker group Kottmann (Kottmann) said March 9 that they hacked into a massive collection of security camera data collected by Silicon Valley startup Verkada (Verkada Inc.) to access live footage from 150,000 surveillance cameras in U.S. hospitals, companies, police departments, prisons and schools.

Companies whose camera data was exposed include automaker tesla (Tesla) Inc. and software provider Cloudflare Inc. In addition, Hackers were able to access camera information from women’s health clinics, psychiatric hospitals and Welkada offices. Certain cameras, including those in hospitals, use facial recognition technology to identify and classify people seen on camera. Hackers said they also had access to the full video archives of all Welkada clients.

Bloomberg notes that in one exposed video, a Welkada camera inside Halifax Health in Florida shows what appears to be eight hospital staff members tying up a man and securing him to a bed.

Another surveillance video from inside a Tesla warehouse in Shanghai shows the workflow of workers on an assembly line. Hackers said they had access to 222 cameras in Tesla’s factory and warehouse.

The same hacking group previously compromised chipmaker Intel Corp. and automaker Nissan Motor Co.

“We have disabled all internal administrator accounts to prevent any unauthorized access,” a Welkada representative said in a statement. “Our internal security team and external security firms are investigating the size and scope of this potential issue.”

Welkada’s chief information security officer, internal team and external security firm are investigating the incident, said the person familiar with the matter. For its part, the company said it is currently working to notify customers and establish a support line to resolve the issue, said the person, who requested anonymity to discuss the ongoing investigation.

Representatives from Tesla and other affected companies did not immediately respond to requests for comment. Representatives of the prisons, hospitals and schools where the videos were leaked declined to comment or did not immediately respond to requests for comment.

A leaked video seen by Bloomberg shows police officers in a police station in Stoughton, Massachusetts, questioning a man in handcuffs. Hackers also released security camera video from Sandy Hook Elementary School in Newtown, Connecticut, where a gunman killed more than 20 people in 2012.

Hackers also had access to 330 security cameras located inside the Madison County Jail in Huntsville, Alabama. According to a post on the Welkada blog, Welkada offers a feature called “persona analysis” that allows customers to “search and filter based on many different attributes, including gender identity, color of clothing, and even a person’s facial features.

Some images show cameras in some U.S. prisons, some of which are hidden in vents, thermostats and defibrillators, using facial recognition technology to track the cameras of inmates and correctional officers. Hackers said they were able to access live scenes and archived video of conversations between police and suspects, including audio in some cases, all presented in 4K high-definition mode.

Cottman said their team was able to gain “administrator root” access on the cameras, meaning they could use them to execute their own code. In some cases, this access may allow them to transfer and gain access to the broader corporate network of Welkada’s customers, or hijack the cameras and use them as a platform to launch future hacking attacks. Getting this level of camera access does not require any additional hacking because it is a built-in feature, Kottman said.

The hackers’ method was not complicated: They accessed Welkada through a “super administrator” account, which allowed them to spy on all of their customers’ cameras. Kottmann says they found the username and password of the administrator account that was publicly displayed on the Internet.