Conservative outlet Project Veritas, which has been criticised for deceptive practices, says it got scammed out of $165,000

James OKeefe, founder of Project Veritas, in 2017
James O’Keefe, founder of Project Veritas, in 2017.

  • The right-wing outlet Project Veritas has itself fallen victim to an act of deception.
  • The group’s founder said hackers had posed as attorneys to steal $165,000.
  • The group has been criticized for its hidden camera stings, and accused of pushing disinformation.
  • See more stories on Insider’s business page.

Project Veritas, a right-wing organization that uses hidden cameras and stings to expose alleged plots and wrongdoing by liberals, said that it lost $165,000 after being fooled by hackers posing as attorneys.

The group rose to prominence publishing footage purporting to show workers in labor groups, public bodies and media organisations saying incriminating things.

It has been criticized for deceptively editing footage and pushing disinformation.

James O’Keefe, the founder of the group, said Monday that scammers persuaded employees of the group to transfer the money to them.

In a video posted on Twitter by a Project Veritas aide, O’Keefe said that it appeared the hackers had been monitoring his email correspondence with genuine attorneys who had requested payment.

“They actually impersonated the actual name of our lawyer, changing a few letters in the email address, replying in real-time to an email chain with our actual attorneys,” O’Keefe said.

“It appears the fraudsters were watching, waiting for an invoice to be sent to us and then pounced, impersonating them, replying to a real email as the lawyer’s name the moment the invoice came.”

O’Keefe has previously been suspended from Twitter for operating fake accounts.

Insider has contacted Project Veritas for further details.

The group has close links with allies of Donald Trump. The New York Times in May reported that it had been involved in secret sting and surveillance operations against the former president’s perceived enemies.

The hack compounds a bad couple of weeks for Project Veritas, whose New York headquarters were destroyed by Hurricane Ida on September 2.

Tech outlet The Daily Dot reported that the hack appeared to be a form of “Business Email Compromise,” whereby scammers gain access to business email accounts.

Read the original article on Business Insider

WhatsApp’s CEO says national security officials of US allies were among those targeted with malware

A hand holds a mobile phone displaying the green-and-white WhatsApp logo
WhatsApp’s CEO has spoken out about Pegasus malware.

  • WhatsApp CEO Will Cathcart told The Guardian that officials of US allies were malware targets.
  • WhatsApp sued NSO Group in 2019, saying the Israeli company sent malware to 1,400 devices.
  • “There is no such thing as an encryption backdoor for just the good guys,” Cathcart said.
  • See more stories on Insider’s business page.

WhatsApp CEO Will Cathcart said senior government officials of US allies, including some in national-security roles, were targets of Pegasus phone malware in 2019.

Cathcart’s statements, which were featured in an interview by The Guardian on Sunday, followed reports last week from the Pegasus Project, a consortium that included The Guardian, The Washington Post, and Amnesty International.

The reports said an Israeli company sold access to military-grade spyware, which was used to hack the phones of journalists, activists, and government officials.

NSO Group, the company behind the Pegasus software, denied the phone numbers leaked to the consortium were Pegasus targets.

WhatsApp sued NSO Group in October 2019, saying about 1,400 mobile devices running the app were targeted by the company’s surveillance software.

According to the complaint, NSO Group had gained access to WhatsApp’s servers to target “attorneys, journalists, human rights activists, political dissidents, diplomats, and other senior foreign government officials.” The lawsuit is ongoing.

“The reporting matches what we saw in the attack we defeated two years ago, it is very consistent with what we were loud about then,” Cathcart told The Guardian.

There were more than 50,000 phone numbers on a leaked list of potential Pegasus targets, although it was unclear how many had actually been targeted, Forbidden Stories said. The list included numbers for French president Emmanuel Macron, Pakistani prime minister Imran Khan, and South African president Cyril Ramaphosa, Amnesty International said.

NSO Group said the consortium’s reports were inaccurate, denying the numbers on the list were targets or potential targets of Pegasus. It said it would no longer reply to media questions about the software.

“The numbers in the list are not related to NSO group,” the company said in a statement on Wednesday under the headline Enough is Enough. “Any claim that a name in the list is necessarily related to a Pegasus target or Pegasus potential target is erroneous and false.”

The Pegasus software was designed to “covertly collect information about your target’s relationships, location, phone calls, plans and activities – whenever and wherever they are,” according to a product description included as an exhibit in WhatsApp’s 2019 lawsuit.

The software tracked GPS locations, monitored voice and VoIP calls, and collected other information, the description said. It also “[l]eaves no trace on the device.”

The software was reportedly sold to governments.

“There is no such thing as an encryption backdoor for just the good guys,” Cathcart said on Twitter last week. “A backdoor would be abused. And a backdoor would be a gift to hackers, criminals, spyware companies, and hostile governments, with dangerous consequences for safety and security.”

Read the original article on Business Insider

Israeli military-grade spy software was used to hack phones of journalists, activists, executives, and 2 women connected to murdered journalist Jamal Khashoggi, a report says

Woman holds phone outside NSO Group in Herzliya
An Israeli woman uses her iPhone in front of the building housing the Israeli NSO group, on August 28, 2016, in Herzliya, near Tel Aviv.

  • Military-grade spyware technology was used to hack the smartphones of journalists, activists, and executives, The Washington Post reported.
  • Some of the affected journalists worked at outlets including CNN and The New York Times.
  • The 37 numbers appeared on a list of 50,000 phone numbers in countries with a history of conducting surveillance on their own citizens, according to the report.
  • See more stories on Insider’s business page.

Military-grade spyware technology software created by an Israeli company that sells it to governments for the purpose of countering terrorism and criminal activity was used to target the smartphones of 37 journalists, activists, and business executives, the Washington Post reported Sunday.

The investigation was conducted by the Post and 16 other media partners, according to the report.

Among those who were the subject of attempted smartphone hacking, which used software called Pegasus, include journalists working at CNN, the Associated Press, the New York Times. the Wall Street Journal, Bloomberg, and Voice of America in the US. Targets also included journalists working for Le Monde in France, the Financial Times in London, and Al Jazeera in Qatar, according to the Post report.

Two women connected to the Saudi journalist Jamal Khashoggi, who was murdered in October 2018 in a Saudi consulate in Istanbul, were also on the list, according to the report.

The 37 numbers appeared on a list of 50,000 phone numbers originating mostly from countries with a history of conducting surveillance on their own citizens and those who have a relationship with the Israeli cyber-surveillance firm NSO Group, which created and sells the Pegasus software, according to the Post.

The list was shared with media outlets by the Paris-based non-profit Forbidden Stories and by Amnesty International, according to the report.

The list does not identify who placed the numbers on it. More than 15,000 of the phone numbers on the list were from Mexico while another sizable chunk of numbers came from the Middle Eastern countries, including the United Arab Emirates, Qatar, Saudi Arabia, Bahrain, and Yemen, according to the Post.

Read the full story at The Washington Post

Read the original article on Business Insider

The FBI recovered a huge chunk of the Colonial Pipeline ransom by secretly gaining access to Darkside’s bitcoin wallet password

The bitcoin logo is seen on a smartphone screen device in front of a computer screen that says "cancelled. "
The FBI managed to gain access to the “private key” of a bitcoin wallet that the hacking group Darkside used to collect its ransom payments.

The Department of Justice announced Monday that it had recovered a majority of the ransom paid by Colonial Pipeline to hackers who shut down its operations last month and caused massive fuel shortages and price hikes.

The DOJ said that it had recovered $2.3 million worth of bitcoin out of the $4.4 million ransom that Colonial had paid to Darkside, the group behind the hack.

How did the government pull it off?

The FBI had what was effectively the password to a bitcoin wallet that Darkside had sent the ransom money to, allowing the FBI to simply seize the funds, according to the DOJ.

‘Following the money’

Despite cybercriminals’ increasingly sophisticated use of technology to commit crimes, the DOJ said it used a time-tested approach to recover Colonial’s ransom payment.

“Following the money remains one of the most basic, yet powerful tools we have,” Deputy Attorney General Lisa Monaco said in the DOJ’s press release.

Colonial was hacked by Darkside on May 7, and alerted the FBI that same day, according to the DOJ.

On May 8, with its operations knocked offline and amid an emerging gas crisis, Colonial opted to pay the ransom (much to the chagrin of government crimefighters who were simultaneously trying to shut down the hack).

Colonial told the FBI that Darkside had instructed it to send 75 bitcoin, worth about $4.3 million at the time, according to an affadavit from an FBI special agent involved in the investigation.

The FBI agent then used a blockchain explorer – software that lets users search a blockchain, like bitcoin, to determine the amount and destination of transactions – to figure out that Darkside had tried to launder the money through various bitcoin addresses (similar to bank accounts), according to the affadavit.

Eventually, through the blockchain explorer, the FBI agent was able to track 63.7 bitcoin to a single address that had received an influx of payments on May 27.

Fortunately for the FBI, according to the agent’s affadavit, the agency had the private key (effectively the password) for that very address.

Bitcoin addresses rely on a two-key encryption system to keep transactions secure: one public and one private. The public key is shared openly so anybody can send money to that address. But once the sender has encrypted their payment with the recipient’s public key, only the recipient’s private key can decrypt and gain access to that money.

That’s why private keys are meant to be closely held secrets, stored in a secure place. As of January, $140 billion in bitcoin – around 20% of existing bitcoin – were held in wallets where people had forgotten or lost their private keys.

In Darkside’s case, the FBI managed to gain access to its public key, and after getting a seizure warrant from a federal court, the agency used the key to access Darkside’s address and swipe 63.7 bitcoin, or around $2.3 million.

The FBI didn’t say how it had managed to obtain the key, but said it sent a warning to other potential ransomware hackers.

“Ransom payments are the fuel that propels the digital extortion engine, and today’s announcement demonstrates that the United States will use all available tools to make these attacks more costly and less profitable for criminal enterprises,” Monaco said in the release.

Read the original article on Business Insider

Hackers hit the world’s largest meat supplier with a massive cyberattack. Here’s what’s affected, and for how long.

Cow
Cow.

Hello! This story is from today’s edition of Morning Brew, an awesome daily email read by 2.9 million next-generation leaders like you. Sign up here to get it!

Over the weekend, hackers hit the only piece of American infrastructure more critical than the Colonial Pipeline: the burger supply.

JBS, the world’s largest meat processor, had to shut down North American and Australian operations Monday following a coordinated ransomware attack. The company told the White House that it believes a criminal organization based in Russia is behind the hack.

In the US, which accounts for half of JBS revenues, nearly 20% of beef production was impacted by temporary plant shutdowns.

It does appear to be temporary, though. JBS said that the “vast majority” of its facilities would be operational today due to progress it made in resolving the attack.

If operations had remain paused for days or weeks, the hiccup could’ve turned into a real headache for JBS customers like supermarkets and fast-food chains that require a continuous supply of meat.

Extra bad timing

While wholesale meat prices remained mostly stable yesterday, extended disruption from the cyberattack threatened to send meat prices-already on the rise-soaring even higher.

Compared to 2020, April’s pork and beef prices were up 4.8% and 3.3%, respectively, due to labor shortages, restaurant reopenings, rising grain and transportation costs, and high demand for meat exports. And Memorial Day weekend just kicked off the summer grilling season, which means even more demand for meat in the US.

Zoom out: As a greater proportion of corporate operations are tied to IT systems, hackers are presented with more opportunities to prey on links in critical supply chains. The JBS incident comes just weeks after hackers forced the shutdown of the Colonial Pipeline and disrupted gas supplies up the East Coast.

This story is from today’s edition of Morning Brew, a daily email publication. Sign up here to get it!

Read the original article on Business Insider

Can an iPhone be hacked? A breakdown of common hacks and cyber hygiene best practices

person looking at phone kitchen counter
To avoid being hacked, make sure you stay away from suspicious links and spam messages.

  • Your iPhone can be hacked in various ways, although iPhones are safer than Androids.
  • Experts say the best way to stay safe from hacks is to be vigilant of strange links or sketchy apps and to only give out information when necessary.
  • Poor battery life and sluggish performance can be indicators of an iPhone hack.
  • You might need to restore your iPhone to factory settings or get a replacement if it’s been seriously hacked.
  • Visit Insider’s Tech Reference library for more stories.

iPhone hacks aren’t incredibly common, but they can still occur if you aren’t careful.

From malware and trickster apps downloaded from the App Store to targeted attacks on a specific device, your information can be stolen in myriad ways.

Here we’ll break down the common types of hacks, how to tell if you’ve been hacked, and what to do about it.

How an iPhone can be hacked

Hacking occurs when someone else gains access to private information on your device or controls it without your consent. It’s a broad term, and lies on a gradient of bad to very serious. Some hackers want to make a quick buck selling advertising. Others want to hurt you.

Experts said there are a few main types of iPhone hacks:

Suspicious websites or links

Just like on your computer, your iPhone can be hacked by clicking on a suspicious website or link. If a website looks or feels “off” check the logos, the spelling, or the URL.

Try to avoid connecting to a password-free public Wi-Fi network, which opens the possibility of a hacker accessing unencrypted traffic on your device or redirecting you to a fraudulent site to access login credentials.

Messages from numbers you don’t recognize are also suspect.

Fortunately, modern smartphones are good at resisting malware and ransomware.

Suspicious apps on the App Store

Apple devices exist in a much more closed and monitored digital ecosystem when compared to Android devices.

The company has a vetting process for apps on its store, but it’s not bulletproof.

Ning Zhang, who leads the Computer Security and Privacy Laboratory at Washington University in Saint Louis, said to watch out for apps that ask for more information than they’ll need to function.

For example, if you’ve downloaded a wallpaper or flashlight app and it’s asking for your location or contact list, camera, or microphone, that’s a red flag. Likely, the developers are tricking you into giving out this information so it can be sold.

“I’d be a little bit skeptical about it and consider if I really want that wallpaper app,” he said. “Being vigilant, even with official apps, is helpful. If we are able to do that, I think for the average person, you should be fairly safe.”

app
It’s important to keep track of even the official apps on your phone and to check for any suspiciously downloaded apps, as well.

Intimate partner hacks

Abusive partners can grab your phone and download spyware (or stalkerware) when you’re not looking. This malicious software can be used to track your location, or make private information like texts, your call history, and emails accessible to them.

All they need is your password and physical access to your phone. Experts we spoke to said that this is unfortunately common. This abuse can be psychologically traumatizing and devastating to someone’s personal and public life. If you notice apps that you don’t remember downloading, this could be a sign – although many times the spyware app is invisible on the home screen.

Sadly, this problem isn’t easy to fix. Victims can risk their safety by deleting the apps or checking for malware if and when abusers notice these actions.

Targeted attacks

The average person probably won’t be singled out and remotely targeted by hackers because it’s expensive, sometimes costing millions for hacks of newer phones, said Matthew Green, an associate professor at the Johns Hopkins Internet Security Institute.

Journalists and activists are most at risk for this kind of hack.

One form of a targetted hack works like this: Hackers exploit unknown flaws in the iOS programming that even its developers don’t yet know about. With this knowledge, hackers can install malware to get data from targetted sources.

“This is a very sophisticated set of hacks and oftentimes you won’t even know this happened to you,” Green said. “If it’s someone who is really sophisticated, they’ll send you an invisible text message and then your phone is going to be compromised for awhile.”

The bugs are known as “zero-day” exploits, corresponding with the fact that Apple will find out about a possible security issue in their software on the same day it’ll work to patch it. The minute the world knows, it’s only a matter of time before the hack is obsolete. That’s why these pricey hacks are often kept under wraps by the people, or governments, who purchase them, Green said.

Ways to protect yourself from an iPhone hack

iPhones can absolutely be hacked, but they’re safer than most Android phones.

Some budget Android smartphones may never receive an update, whereas Apple supports older iPhone models with software updates for years, maintaining their security. That’s why it’s important to update your iPhone.

Apps on the App Store are also vetted for malware (though there are questionable apps that go unnoticed).

However, if you’re considering “jailbreaking” your iPhone – removing the software restrictions imposed on iOS – you’re opening yourself up to potential vulnerabilities in the software because you’ve eliminated some of Apple’s existing security measures. It is possible to download incompatible spyware or malware apps on a jailbroken phone, and this is also how remote takeovers can occur with iPhones. A jailbroken phone should be avoided as it can dangerously allow malicious apps to go undetected.

If you backup your phone in iCloud, make sure to have a strong password. If someone gets ahold of your password, they don’t even need to hack your phone because they can download a backup from the cloud.

Cloud Storage
Hackers can access your information by downloading a backup from the cloud, which eliminates the need to jailbreak or get access to your phone.

Turning on Apple’s two factor authentication is another good way to stay safe and can prevent your iCloud account (Apple ID) from being hacked by requiring another step of verification.

Vyas Sekar, a professor of electrical and computer engineering at Carnegie Mellon University, said staying safe is all about “good digital hygiene.”

“Install apps from trustworthy sources and unless you know what you’re doing, you probably don’t want to jailbreak your phone,” Sekar said. “Be careful. Don’t click on attachments you don’t want to open and keep your phone up to date.”

How to tell if your iPhone has been hacked

You can’t always tell if your iPhone has been hacked, Sekar said. But you may notice a few things.

  • Your phone is unusually hot, or frequently dying.
  • Your phone is sluggish when trying to load websites.
  • The battery is draining even when you’re not touching your phone.

These symptoms indicate the phone is running all the time, even when you’re not using it. Sometimes, the best indicators come from the outside, such as when friends say they’re getting odd messages from you. However, the most sophisticated hacks can be somewhat invisible.

There’s no definite way to check for every type of hack. Experts told us that one reliable way to investigate is to download a mobile security app called iVerify, which scans your phone’s operating system for suspicious behavior and can also detect if your phone has been jailbroken.

What to do when your iPhone has been hacked

If you know your phone has been hacked, you have a few options depending on what happened.

For minor problems, like an app stealing your information, delete the app and update your software.

In serious cases, you’ll want to wipe your iPhone and restore it to factory settings. But even if you do that, it may note be completely clear if you’ve gotten rid of the malware installed on your phone – especially if it has been jailbroken.

Man iphone
If you suspect your phone has been hacked, sometimes the safest bet is to get a new phone, depending on the severity of the breach.

Finding an expert for inspection may be the best solution. Green from Johns Hopkins said your phone can’t always be cured.

“I hate to say this, but if you really, really need to be safe, get a new phone,” Green said. “If somebody actually gets on your phone, and it’s a really high barrier for iPhones, they can install stuff like keyloggers, which means every key press, every letter you type in is being sent to somebody. Until you’re sure that’s gone, you can’t be sure you have any privacy.”

If you can’t get a new phone right away, a hacked iPhone is likely not safe to use, so you’re best to leave it turned off.

How to factory reset your iPhone and wipe its data, whether you’re selling it or troubleshooting issuesWhat is cybersecurity? A guide to the methods used to protect computer systems and dataWhat is malware? Everything you need to know about malicious software and viruses, and how to protect your computerHow to diagnose and remove any virus from your iPhone

Read the original article on Business Insider

Atlantic Media says hackers may have obtained employees’ financial data

GettyImages 450912604
Atlantic Media says “unauthorized actors” had potentially gained access to sensitive financial data on current and former employees.

  • Atlantic Media said Wednesday an “unauthorized actor” may have obtained employees’ financial data.
  • The company, which publishes The Atlantic, said hackers potentially had access to tax forms.
  • It did not name any suspects.
  • See more stories on Insider’s business page.

Hackers may have obtained sensitive tax information on employees at Atlantic Media, the company said Wednesday.

Saying it became aware of a breach last month, the publisher – whose affiliated companies include The Atlantic and National Journal – announced an internal investigation had found “no evidence that any subscribers’, customers’, or clients’ financial or sensitive information was involved.”

Current and former employees were not so lucky. They were informed this week that “unauthorized actors” had gained access to a server with their tax forms, “which contain names and Social Security numbers.”

There is no evidence that the information has been exploited or publicly disclosed, the company said.

The statement did not identify any suspects. A company spokesperson, Anna Bross, told Insider that the statement reflects the “most complete information that we are making available.”

Have a news tip? Email this reporter: cdavis@insider.com

Read the original article on Business Insider

A Shopify seller says she lost about $55,000 after her account was hacked. Now Insider wants to know if there are more people like her.

shopify ipo nyse
  • Shopify seller Andi Rosenberg is missing about $55,000 in sales after her account was hacked.
  • A customer service representative at the company recommended she seek outside legal counsel to resolve the problem.
  • Shopify, which went public in 2015, helps small businesses join the e-commerce boom.
  • See more stories on Insider’s business page.

Small business-owner Andi Rosenberg lost tens of thousands of dollars last year when her Shopify account was hacked.

Starting on November 23, 2020, payments from her Shopify sales began being deposited in an unknown bank account without Rosenberg’s knowledge. On her Shopify account, Rosenberg could see the daily sales being paid out. But, her bank account, which she only checks once a month, wasn’t getting any of the payouts.

On December 29, a Shopify support specialist emailed her about “detected suspicious login activity,” and she needed to confirm her bank account and identity. That’s when Rosenberg checked her own bank account and saw she was missing thousands of dollars from her Shopify sales.

She was sick to her stomach, and has been since.

She confirmed her identity and her bank account with Shopify over the course of several days via emails, which were viewed by Insider. The company eventually gave her the payouts from December 30 to January 14, which had been frozen by Shopify until she could confirm her identity and account. The payouts added up to $22,816, based on payment confirmations provided to Insider.

But she was still missing $55,656 in payouts made to the hacker’s bank account for the pay period from November 23 to December 29. She said when the Shopify account was apparently first hacked in November, she never received a notification that her bank information was changed.

“I’m a small business; you could put me out of business,” she said she told customer service on the phone. “It’s just sickening.”

Rosenberg, owner of clothing and jewelry line Hipchik, has sold her products through department stores for years. In 2018, she opened a Shopify account and loved it.

As store sales dwindled, Shopify helped her get through the pandemic, and she had her best year yet online, selling nearly $1 million of merchandise.

Since the missing payments, she says she’s spoken to Shopify’s customer service and the legal team and even reached out to company executives on LinkedIn. In an email seen by Insider, a customer service representative said the legal team could not give Rosenberg advice. The representative added that, “At this point I recommend that you proceed with private legal counsel in order to work towards recovering missing funds, and moving in a productive direction with this investigation.”

She has been in talks with outside lawyers to see if they can help get her payments back, but she’s worried about the legal fees on top of the losses she already incurred.

Insider asked if Shopify knows how frequently sellers’ accounts are hacked, what security measures are in place, and how sellers can get their money back if it’s stolen. “At Shopify, we take the privacy and security of our merchants very seriously,” a spokesperson said. “We go to great lengths to help merchants manage their accounts more securely by providing guidelines and recommendations. We recommend that all merchants enable two-factor authentication to provide a more secure login process and to help prevent unauthorized access to a merchant’s admin.”

The company did not comment on Rosenberg’s case, or answer questions as to why it took several weeks to notice suspicious logins on her account and why the company has not reimbursed her for her lost payments.

Shopify, based in Ottowa, Canada, is an e-commerce company that’s known for helping small business owners attract customers online. Fakespot analyzed Shopify, which went public in 2015, and found that about a fifth of sellers deserved a “caution” or “warning” sign for activities like selling fraudulent products or not delivering items. Shopify told Insider that it has closed thousands of stores, and it regularly implements new measures to address fraud or other violations.

Shopify sellers have also faced fraud from buyers, who order personalized products and then ask for refunds. In 2018, Shopify rolled out a prevention system to protect sellers from these fraudulent buyers, TechCrunch reported.

If you’re a seller and believe you have lost money on Shopify because of a stolen or hacked account, reach out to the reporter of this article, Natasha Dailey at ndailey@businessinsider.com.

Read the original article on Business Insider

One of the country’s biggest beer makers had to stop making beer due to a cybersecurity breach

coors light

One of America’s largest beer makers, Molson Coors, had to halt production this week the company said.

“Molson Coors experienced a systems outage that was caused by a cybersecurity incident,” the company said in a statement. That systems outage has led to a variety of issues for the company, including “brewery operations, production, and shipments,” according to an SEC filing.

In short: Hackers forced the maker of Coors to stop making beer.

Molson Coors is America’s second-largest beer producer, behind only Budweiser maker Anheuser-Busch, according to the Brewer’s Association. The company brews its namesake brands Molson and Coors, as well as Miller, Blue Moon, Leinenkugel’s, Redd’s Hard Apple, and Topo Chico Hard Seltzer, among others.

It’s unclear how much of the company’s beer production has been halted by the breach, nor is it clear how this will impact the company’s expected production.

Read more: How Michelob Ultra became a top beer seller by pitching itself as part of a healthy lifestyle

A Molson Coors representative did not respond to request for comment as of publishing.

The SEC filing said Molson Coors, “is working around the clock to get its systems back up as quickly as possible.”

No timetable is given on when the company expects to return to normal production. Molson Coors has “engaged leading forensic information technology firms and legal counsel,” the filing said, and it’s investigating the breach.

Got a tip? Contact Insider senior correspondent Ben Gilbert via email (bgilbert@insider.com), or Twitter DM (@realbengilbert). We can keep sources anonymous. Use a non-work device to reach out. PR pitches by email only, please.

Read the original article on Business Insider

Hackers breached security company Verkada and accessed 150,000 cameras inside Tesla, hospitals, and jails

Verkada camera security surveillance system
Verkada makes enterprise security software and hardware.

  • Hackers breached Verkada and accessed its customers’ security cameras, Bloomberg reported Tuesday.
  • They gained access to 150,000 cameras inside places such as Tesla, Cloudflare, hospitals, and jails.
  • Some cameras let the hackers access Verkada customers’ separate corporate networks.
  • Visit the Business section of Insider for more stories.

A hacking collective claims to have breached security company Verkada, giving them access to live and archived footage from 150,000 security cameras inside Verkada customers’ facilities as well as its own offices, Bloomberg reported Tuesday.

According to Vice News, around 24,000 unique organizations use Verkada’s software, including private residences, malls, restaurants, nonprofits, and airports, revealing the extensive use of facial recognition and surveillance software.

Hackers successfully accessed feeds from Verkada customers including Tesla, Cloudflare, Equinox, Florida hospital system Halifax Health, Wadley Regional Medical Center in Texas, Tempe St. Luke’s Hospital in Arizona, Madison County Jail in Alabama, and Sandy Hook Elementary School in Connecticut, the site of the 2021 mass shooting, according to Bloomberg.

In some cases, a built-in feature of of certain cameras would have allowed the hackers to use the cameras to launch separate hacks into Verkada customers’ corporate networks, Bloomberg reported. Other cameras use facial recognition technology to identify individuals, according to Verkada’s website, potentially exposing sensitive personal information of patients, students, and employees of its customers.

“We have disabled all internal administrator accounts to prevent any unauthorized access. Our internal security team and external security firm are investigating the scale and scope of this issue, and we have notified law enforcement,” a Verkada spokesperson told Insider.

A person familiar with the company’s response told Insider Verkada has enlisted an outside security company to help it investigate, and said Verkada has notified customers about the breach.

A Cloudflare spokesperson told Insider the company had been made aware Verkada cameras monitoring its facilities “may have been compromised” and that “the cameras were located in a handful of offices that have been officially closed for several months.”

“As soon as we became aware of the compromise, we disabled the cameras and disconnected them from office networks. To be clear, this incident does not impact Cloudflare products and we have no reason to believe that an incident involving office security cameras would impact customers,” they said.

The Verkada customers named above did not immediately respond to a request for comment. A spokesperson for Steward Health Care, which operates Wadley Regional Medical Center and Tempe St. Luke’s, declined to comment.

Tillie Kottmann, one of the hackers who claimed credit for the breach, told Bloomberg the group’s goal was to expose how widespread surveillance has become and how easily it can be hijacked, adding that their motives were “lots of curiosity, fighting for freedom of information and against intellectual property, a huge dose of anti-capitalism, a hint of anarchism – and it’s also just too much fun not to do it.”

Hackers were able to view extremely sensitive footage, according to Bloomberg, including hospital staffers tackling a patient and police officers questioning criminal suspects, as well as detailed financial information about Verkada itself.

Verkada was previously scrutinized for security lapses in October after a report surfaced accusing male employees of using the company’s cameras to take photos of female employees and share them in a private Slack channel. After initially disputing the report, Verkada eventually fired the male employees involved, following a separate investigation by Vice News.

Read the original article on Business Insider