Skip to main content

Digital Trends may earn a commission when you buy through links on our site. Why trust us?

Tesla factories’ security cameras caught up in wider hack

A Silicon Valley startup offering cloud-based security camera services has had its systems breached in an attack that gave hackers access to numerous live feeds, some of them coming from Tesla factories.

Recommended Videos

Verkada, which launched in 2016, had around 150,000 of its cameras hacked, with many of the devices installed in hospitals, schools, police departments, prisons, and companies that besides Tesla also included software provider Cloudflare, according to a Bloomberg report on Tuesday, March 9.

Please enable Javascript to view this content

Cameras inside Verkada’s own offices were also accessed.

Those responsible for the hack shared some of the captured footage with the news outlet. It included a video from inside a Florida hospital that appeared to show eight hospital workers wrestling a man before pinning him to a bed.

Some of the content also appears to show workers on an assembly line inside Tesla’s factory in Shanghai, China. The hackers claim to have gained access to as many as 222 cameras in multiple factories and warehouses owned by Tesla, Bloomberg reported.

More than 300 security cameras inside the Madison County Jail in Huntsville, Alabama, were also targeted in the hack. Some of the devices are concealed inside vents, thermostats, and defibrillators, according to the news outlet, and include Verkada technology capable of tracking inmates and staff using facial-recognition software.

Those behind the breach even claim it was even possible to listen in on interviews between police officers and suspects, along with high-definition footage of the interrogations.

The breach was reportedly carried out by a hacker, or group of hackers, going by the name “Tillie Kottmann,” and began on the morning of March 8.

Kottmann told Bloomberg that the breach “exposes just how broadly we’re being surveilled, and how little care is put into at least securing the platforms used to do so, pursuing nothing but profit,” adding, “It’s just wild how I can just see the things we always knew are happening, but we never got to see.”

In an emailed statement, Verkada told Digital Trends: “We have disabled all internal administrator accounts to prevent any unauthorized access. Our internal security team and external security firm are investigating the scale and scope of this issue, and we have notified law enforcement.”

The company added that it has notified affected customers about the breach and set up a dedicated support line to address their questions and issues.

Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
Hackers may have stolen the master key to another password manager
Open padlock cybersecurity

The best password managers are meant to keep all your logins and credit card info safe and secure, but a major new vulnerability has just put users of the KeePass password manager at serious risk of being breached.

In fact, the exploit allows an attacker to steal a KeePass user’s master password in plain text -- in other words, in an unencrypted form -- simply by extracting it from the target computer’s memory. It’s a remarkably simple hack, yet one that could have worrying implications.

Read more
Hackers are using a devious new trick to infect your devices
A person using a laptop with a set of code seen on the display.

Hackers have long used lookalike domain names to trick people into visiting malicious websites, but now the threat posed by this tactic could be about to ramp up significantly. That’s because two new domain name extensions have been approved which could lead to an epidemic of phishing attempts.

The two new top-level domains (TLDs) that are causing such consternation are the .zip and .mov extensions. They’ve just been introduced by Google alongside the .dad, .esq, .prof, .phd, .nexus, .foo names.

Read more
Google just made this vital Gmail security tool completely free
The top corner of Gmail on a laptop screen.

Hackers are constantly trying to break into large websites to steal user databases, and it’s not entirely unlikely that your own login details have been leaked at some point in the past. In cases like that, upgrading your password is vital, but how can you do that if you don’t even know your data has been hacked?

Well, Google thinks it has the answer because it has just announced that it will roll out dark web monitoring reports to every Gmail user in the U.S. This handy feature was previously limited to paid Google One subscribers, but the company revealed at its Google I/O event that it will now be available to everyone, free of charge.

Read more