Skip to main content

Digital Trends may earn a commission when you buy through links on our site. Why trust us?

Tesla factories’ security cameras caught up in wider hack

A Silicon Valley startup offering cloud-based security camera services has had its systems breached in an attack that gave hackers access to numerous live feeds, some of them coming from Tesla factories.

Verkada, which launched in 2016, had around 150,000 of its cameras hacked, with many of the devices installed in hospitals, schools, police departments, prisons, and companies that besides Tesla also included software provider Cloudflare, according to a Bloomberg report on Tuesday, March 9.

Cameras inside Verkada’s own offices were also accessed.

Those responsible for the hack shared some of the captured footage with the news outlet. It included a video from inside a Florida hospital that appeared to show eight hospital workers wrestling a man before pinning him to a bed.

Some of the content also appears to show workers on an assembly line inside Tesla’s factory in Shanghai, China. The hackers claim to have gained access to as many as 222 cameras in multiple factories and warehouses owned by Tesla, Bloomberg reported.

More than 300 security cameras inside the Madison County Jail in Huntsville, Alabama, were also targeted in the hack. Some of the devices are concealed inside vents, thermostats, and defibrillators, according to the news outlet, and include Verkada technology capable of tracking inmates and staff using facial-recognition software.

Those behind the breach even claim it was even possible to listen in on interviews between police officers and suspects, along with high-definition footage of the interrogations.

The breach was reportedly carried out by a hacker, or group of hackers, going by the name “Tillie Kottmann,” and began on the morning of March 8.

Kottmann told Bloomberg that the breach “exposes just how broadly we’re being surveilled, and how little care is put into at least securing the platforms used to do so, pursuing nothing but profit,” adding, “It’s just wild how I can just see the things we always knew are happening, but we never got to see.”

In an emailed statement, Verkada told Digital Trends: “We have disabled all internal administrator accounts to prevent any unauthorized access. Our internal security team and external security firm are investigating the scale and scope of this issue, and we have notified law enforcement.”

The company added that it has notified affected customers about the breach and set up a dedicated support line to address their questions and issues.

Editors' Recommendations

Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
Hackers are using a devious new trick to infect your devices
A person using a laptop with a set of code seen on the display.

Hackers have long used lookalike domain names to trick people into visiting malicious websites, but now the threat posed by this tactic could be about to ramp up significantly. That’s because two new domain name extensions have been approved which could lead to an epidemic of phishing attempts.

The two new top-level domains (TLDs) that are causing such consternation are the .zip and .mov extensions. They’ve just been introduced by Google alongside the .dad, .esq, .prof, .phd, .nexus, .foo names.

Read more
Google just made this vital Gmail security tool completely free
The top corner of Gmail on a laptop screen.

Hackers are constantly trying to break into large websites to steal user databases, and it’s not entirely unlikely that your own login details have been leaked at some point in the past. In cases like that, upgrading your password is vital, but how can you do that if you don’t even know your data has been hacked?

Well, Google thinks it has the answer because it has just announced that it will roll out dark web monitoring reports to every Gmail user in the U.S. This handy feature was previously limited to paid Google One subscribers, but the company revealed at its Google I/O event that it will now be available to everyone, free of charge.

Read more
No, 1Password wasn’t hacked – here’s what really happened
A person using the 1Password password manager on a laptop while sat on a couch.

Password managers have been struggling with security breaches in recent months, with LastPass suffering a particularly bad hack as a notable example. So when 1Password users got an alert last week saying their Secret Keys and passwords had been changed without their knowledge, they were understandably panicked. Luckily, all was not what it seemed.

That’s because AgileBits, the company behind 1Password, has just explained exactly what went wrong during that event. And while it wasn’t as bad as everyone first thought, it still doesn’t paint AgileBits in a particularly good light.

Read more