Verkada is the latest tech firm to end up in the headlines for a data breach due to the breach of its database by hacktivists who were reportedly surprised by how much access they had. According to reports, around 149,000 camera feeds were accessible during the breach.
Unlike the Microsoft (NASDAQ: MSFT) hack, which is believed to be the work of state-sponsored hackers, the Verkada hackers are hacktivists who allegedly had no ill-intent when breaching the company's internal network but rather intended to display the lack of security used to protect user data. To this end, the group reportedly shared some of their findings with The Washington Post.
According to the hackers, they were able to gain access to Verkada's networks after finding the login information of a "super admin" account online. Once inside, the hackers had total access to the camera feeds of Verkada's clients, including hospitals, homes, even a Tesla (NASDAQ: TSLA) factory, and, ironically, the temporarily closed offices of internet security firm Cloudflare (NYSE: NET). Tesla later reported that the feed came from a facility in China and that the factory itself had not been hacked. Cloudflare said that it had disconnected its cameras for safety and that none of its client data was accessed.
The most intriguing facet behind the hack isn't the breach itself but rather what questions it raises. Even the hackers themselves appeared to be surprised by the amount of data they had access to, with the leader of the group, who has been identified as 21-year-old Tillie Kottmann, who has since been raided by Swiss authorities and appears to have withdrawn from social media, commenting: "It still feels incredibly surreal the amount of foothold I was able to gain from this. That's the irony of this whole thing: All the cool features they provide for security are exactly why everything broke."