Hackers breach thousands of security cameras, exposing Tesla Shanghai factory and US jails

A group of hackers say they breached a massive trove of security-camera data collected by Silicon Valley start-up Verkada Inc, gaining access to live feeds of 150,000 surveillance cameras inside hospitals, companies, police departments, prisons and schools.

Companies whose footage was exposed include carmaker Tesla Inc and software provider Cloudflare Inc. In addition, hackers were able to view video from inside women’s health clinics, psychiatric hospitals and the offices of Verkada itself. Some of the cameras, including in hospitals, use facial-recognition technology to identify and categorise people captured on the footage. The hackers say they also have access to the full video archive of all Verkada customers.

In a video seen by Bloomberg, a Verkada camera inside Florida hospital Halifax Health showed what appeared to be eight hospital staffers tackling a man and pinning him to a bed. Halifax Health is featured on Verkada’s public-facing website in a case study entitled: “How a Florida Healthcare Provider Easily Updated and Deployed a Scalable HIPAA Compliant Security System.”

Another video, shot inside a Tesla warehouse in Shanghai, shows workers on an assembly line. The hackers said they obtained access to 222 cameras in Tesla factories and warehouses.

The data breach was carried out by an international hacker collective and intended to show the pervasiveness of video surveillance and the ease with which systems could be broken into, said Tillie Kottmann, one of the hackers who claimed credit for breaching San Mateo, California-based Verkada. Kottmann, who uses they/them pronouns, previously claimed credit for hacking chip maker Intel Corp and carmaker Nissan Motor Co. Kottmann said their reasons for hacking are “lots of curiosity, fighting for freedom of information and against intellectual property, a huge dose of anti-capitalism, a hint of anarchism – and it’s also just too much fun not to do it.”