The bitter dose, in this case, would be to judge Verkada as the erring party.Ĭonclusively, databases are most likely to face hacking vulnerabilities with the increase in the number of super admin accounts. The issue also raises eyebrows on whether companies should operate multiple super admin accounts considering how delicate such databases can be. The Verkada hack incidence raises many questions concerning how secure your information is any time you entrust it to other parties. However, the management revealed that the company’s databases and systems had been secured in a move to reassure its customers. It’s now clear that the hackers also gained access to a wide range of information like sales orders and lists of consumer accounts’ administrators. The management revealed that Kattie’s team had gained access to the company’s databases through its support team’s Jenkins server used for maintenance operations on the client’s cameras. Verkada’s report about the incident agreed that the hackers had “gained access to a tool that allowed the execution of shell commands on a subset of customer cameras”.
Verkada breach details software#
This made it easy to breach the software startup’s databases and all cameras belonging to Verkada’s customers. Kattie claimed that the hacker group was able to acquire Verkada’s administrator account’s credentials that were available online with “super admin” rights. Twitter considered suspending Kattie Kottman’s account as the best measure after he’d leaked Tesla’s security footages.
Verkada breach details code#
However, it’s not clear whether the hashtag only refers to Verkada’s attack or a code for a collection of breaches against other companies that could expose millions of surveillance cameras to risk. Kattie took to social media with the # OperationPanopticon hashtag. It’s in the public domain that Kattie was credited for penetrating Intel’s data systems in august 2020 and Nisan Motors Inc.
Kottman explained that their hackers’ pursuit fueled the move to conduct this attack with “lots of curiosity, fighting for freedom of information and against intellectual property, a huge dose of anti-capitalism, a hint of anarchism-and it’s also just too much fun not to do it.” Tillie Kottmann, a member of “APT-69420 Arson Cats” claimed credit of the Verkada breach. Worrisomely, some of the cameras have inbuilt facial recognition software that makes it easy to identify and recognize the individuals captured on the videos.
Verkada breach details full#
The hacker group also claimed that they had full access to the entire video archives of Verkada’s customers. Multinationals like carmakers Tesla and Nissan and the software company Cloudflare fell victims to the data security breach.Ī report released by Tillie Kottman, a 21-year-old hacker revealed that the hackers had indicated that the breach was meant to show how vulnerable Verkada’s cameras are. The breach exposed over 150,000 surveillance cameras in sensitive institutions like police departments, schools, hospitals, companies, and prisons. Hackers were able to intrude on Verkada’s camera feeds on March 8th and 9th.