{"id":200377,"date":"2021-03-11T21:14:56","date_gmt":"2021-03-11T18:14:56","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/hacked-security-firm-verkada-let-staff-view-clients-cameras\/"},"modified":"2021-03-11T21:14:56","modified_gmt":"2021-03-11T18:14:56","slug":"hacked-security-firm-verkada-let-staff-view-clients-cameras","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/hacked-security-firm-verkada-let-staff-view-clients-cameras\/","title":{"rendered":"#Hacked security firm Verkada let staff view clients’ cameras"},"content":{"rendered":"

#Hacked security firm Verkada let staff view clients’ cameras<\/strong>”<\/p>\n

\n

Surveillance startup Verkada reportedly enabled dozens of staffers to peep on its clients \u2014 just like the hackers who attacked the company this week.<\/p>\n

More than 100 Verkada staffers had access to the internal \u201cSuper Admin\u201d privileges that hackers used Monday to get feeds from more than 150,000 cameras, according to Bloomberg News<\/a>.<\/p>\n

That meant a wide range of workers\u00a0could watch the inner workings of Verkada\u2019s clients, including jails, hospitals, schools and major companies like Tesla, the outlet reported Wednesday, citing three former employees.<\/p>\n

\u201cWe literally had 20-year-old interns that had access to over 100,000 cameras and could view all of their feeds globally,\u201d one source told Bloomberg.<\/p>\n

Tillie Kottmann, one of the hacktivists responsible for the Verkada breach, told surveillance research firm IPVM<\/a> that they posed as an employee with \u201cSuper Admin\u201d privileges to break into the company\u2019s system.<\/p>\n

The Super Admin accounts are supposed to help Verkada workers fix products and help customers with problems, according to Bloomberg. But the company\u2019s lax security measures reportedly made it easy to misuse the system.<\/p>\n

Staffers were supposed to submit a reason for accessing a customer camera, but the documentation was seldom checked, meaning a worker could just enter a space to access a feed, Bloomberg reported.<\/p>\n

Super Admin users could also disable the \u201cprivacy mode\u201d that allowed Verkada clients to hide cameras from the company\u2019s view, according to the outlet. It\u2019s reportedly unclear how many customers knew Verkada employees could access their cameras.<\/p>\n

\u201cCustomers didn\u2019t know and it was known at the company not to tell customers that,\u201d one source with direct knowledge of the matter told IPVM. \u201cNo customer directly asked since any sane person would never expect a vendor to be able to do this so broadly across teams.\u201d<\/p>\n

Verkada told Bloomberg that it has clear policies for how employees should use the Super Admin feature, which was only available to staff who needed to address \u201ccustomers\u2019 questions and technical issues.\u201d<\/p>\n

\n
\"Super
Super Admin users could also disable the \u201cprivacy mode\u201d that allowed Verkada clients to hide cameras from the company\u2019s view.<\/figcaption>
Ted S. Warren\/AP<\/span><\/figcaption><\/figure>\n<\/div>\n

\u201cVerkada\u2019s training program and policies for employees are both clear that support staff members were and are required to secure a customer\u2019s explicit permission before accessing that customer\u2019s video feed,\u201d a company spokesperson told Bloomberg.\n <\/p><\/div>\n

If you liked the article, do not forget to share it with your friends. Follow us on\u00a0Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n

\n

For forums sites go to Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n

\n

If you want to read more News<\/a> articles, you can visit our News category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n

Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

“#Hacked security firm Verkada let staff view clients’ cameras” Surveillance startup Verkada reportedly enabled dozens of staffers to peep on its clients \u2014 just like the hackers who attacked the company this week. More than 100 Verkada staffers had access to the internal \u201cSuper Admin\u201d privileges that hackers used Monday to get feeds from more…<\/p>\n","protected":false},"author":1,"featured_media":200378,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/nypost.com\/wp-content\/uploads\/sites\/2\/2021\/03\/hack-allowed-peeping-toms.jpg?quality=90&strip=all&w=1200","fifu_image_alt":"","footnotes":""},"categories":[70897],"tags":[97194,70375,70944,81180,4965],"class_list":["post-200377","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-3-11-21","tag-cybersecurity","tag-hackers","tag-surveillance","tag-technology"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/200377","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=200377"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/200377\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/200378"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=200377"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=200377"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=200377"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}