Feds Eye Swiss Hacker Tied to Major Security Cam Breach
Swiss authorities on Friday raided the home of a computer hacker reportedly under FBI investigation who has also—unrelatedly—taken credit for the recent breach of U.S. security camera company. The company, Verkada Inc., has itself separately been accused of granting employees extraneous access to the private surveillance feeds of potentially thousands of global customers.
Bloomberg, which first broke news of the Verkada breach on
Tuesday, now reports that a 21-year-old hacker who’s taken credit is facing
possible criminal charges in the U.S. A search warrant served by Swiss
authorities and later seen by reporters points to an investigation by the FBI
and federal prosecutors in the Western District of Washington.
The hacker, Tillie Kottmann, who is being investigated for
earlier possible crimes, told reporters they acquired high-level credentials to
Verkada’s network, granting them access to all of its clients’ cameras.
Verkada, founded in 2016, is a maker indoor and outdoor
security cameras, access control systems, and environmental sensors. Its
cameras and other technology are connected through a cloud-based platform. Its
customers include healthcare companies, banks, restaurants, public schools, and
more. Several U.S. cities have standing contracts with Verkada to surveil
public spaces and structures.
On Wednesday, three former employees told Bloomberg that
“more than 100" former colleagues had direct access to the live feeds of
Verkada’s clients—including some “20-year-old interns,” according to one
Bloomberg source. The accounts have raised questions about the Verkada’s
internal policies, though the company has said it “previously” moved to limit
camera access to staff working closely with clients.
Among the 150,000 camera feeds accessible to the hacker,
more than 200 reportedly belong to electric car maker Telsa. Others are said to
offer views inside schools, jails, and hospitals.
Attributing the breach, in part, to their own
anti-capitalistic views, Kottmann told Bloomberg on Friday morning that police
had searched their apartment in Lucerne, Switzerland, and seized electronic
devices. Kottmann’s parents’ home was also reportedly searched. The warrants
were authorized under a separate hacking investigation that is unrelated to the
breach at Verkada.
Kottmann reportedly resisted using the unauthorized access
they obtained to snoop on Verkada’s clients and instead shared their knowledge
with a journalist. Their access was revoked soon after. The hack was done, they
told Bloomberg, to “[expose] just how broadly we’re being surveilled, and how
little care is put into at least securing the platforms used to do so, pursuing
nothing but profit.”
Comments
Post a Comment