150,000 security cameras hacked, exposing footage from Halifax Health, other hospitals 

A group of hackers claims it infiltrated security camera data from Verkada, giving it access to live feeds of 150,000 surveillance cameras in companies and hospitals, including Halifax Health, according to a March 9 Bloomberg report. 

Seven things to know: 

1. In a video viewed by Bloomberg, a Verkada camera inside Daytona Beach, Fla.-based Halifax Health showed "what appeared to be eight staffers tackling a man and pinning him to a bed," according to the publication. 

2. Halifax Health confirmed it uses Verkada's cameras in a March 10 emailed statement to Becker's: "Halifax Health does use Verkada cameras in its facility for patient and Team Member safety," a health system spokesperson said, adding that "in working with the vendor, we believe the scope of the situation is limited." 

3. Tillie Kottmann, one of the hackers who claimed credit for breaching Verkada, said an international hacker collective carried out the attack on March 8 to show how easy it is to break into video surveillance systems. 

4. The hackers infiltrated Verkada's systems through a "super admin" account, which let them access the cameras of all the surveillance video startup's customers. The group found a username and password for an administrator account publicly exposed on the internet, according to the report. 

5. Verkada told Bloomberg it has disabled all internal administrator accounts to curb any unauthorized access and that the company's internal security team and external security firm are investigating the incident. 

6. The hackers also claimed to have viewed security footage from Texarkana, Texas-based Wadley Regional Medical Center and Tempe (Ariz.) St. Luke's Hospital. Neither of the organizations would comment to Bloomberg.

7. The footage of auto manufacturer Tesla and software provider Cloudfare was also exposed in the breach. 

More articles on cybersecurity: 
Idaho health system data breach letters mistakenly tell some patients they are dead 
HHS extends comment period for proposed HIPAA changes
How healthcare organizations can prepare for a data breach: 7 tips

 

© Copyright ASC COMMUNICATIONS 2021. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Featured Whitepapers

Featured Webinars