Hackers gained access to live surveillance cameras installed at Tesla, Equinox, healthcare clinics, jails, and banks, including the Bank of Utah.

In addition to images captured from the cameras, the hacker also shared screenshots of their ability to gain root shell access to the surveillance systems used by Cloudflare and at Telsa HQ.

Hacks multiple cameras in #OperationPanopticon

According to Tillie Kottmann, a reverse engineer for the group of hackers, they gained access to these surveillance systems using a super admin account for Verkada, a surveillance company who works with all of these organizations.

Speaking to BleepingComputer, Kottmann said they found hardcoded credentials for a Verkada super admin account in exposed DevOps infrastructure.

Verkada makes enterprise security systems such as automation and IoT surveillance cameras. The company is also known to provide services to Tesla.

This afternoon Kottmann teased by posting multiple images allegedly captured from surveillance cameras at Equinox, Tesla, and the Bank of Utah.

tesla surveillance camera
Image of a Tesla warehouse posted by the hacker
Source: Twitter

In the same Twitter thread, Kottmann shared images of what appeared to be root access to a Linux operating system. From these images, you can see the MAC address of one of the network cards, which corresponds to equipment developed by surveillance company Verkada.

Cloudflare shell
The hacker demonstrating having obtained shell access to Cloudflare and Tesla systems

After Bloomberg News, who first reported on this attack, contacted Verkada, the hackers lost access to the hacked super admin account.

“We have disabled all internal administrator accounts to prevent any unauthorized access,” a Verkada representative told Bloomberg. “Our internal security team and external security firm are investigating the scale and scope of this potential issue.”

The hashtag #OperationPanopticon associated with this cyberattack refers to Panopticon, a philosophical design concept.

Panopticon refers to a design of such a building in which captives (e.g., prisoners) cannot tell whether they are being watched by security personnel or not at a given moment.

This means, in a building with a large number of inmates, it may be impossible for one guard to monitor all of the inmates at the same time, yet because of the panopticon design ideology, every prisoner may fear being watched for they have no way of knowing if they are being watched.

BleepingComputer has reached out to Tesla, Cloudflare, Equinox, Verkada, and other alleged targets. We are awaiting their response. 

This is a developing story.




Hackers gained access to live surveillance cameras installed at Tesla, Equinox, healthcare clinics, jails, and banks, including the Bank of Utah.

In addition to images captured from the cameras, the hacker also shared screenshots of their ability to gain root shell access to the surveillance systems used by Cloudflare and at Telsa HQ.

Hacks multiple cameras in #OperationPanopticon

According to Tillie Kottmann, a reverse engineer for the group of hackers, they gained access to these surveillance systems using a super admin account for Verkada, a surveillance company who works with all of these organizations.

Speaking to BleepingComputer, Kottmann said they found hardcoded credentials for a Verkada super admin account in exposed DevOps infrastructure.

Verkada makes enterprise security systems such as automation and IoT surveillance cameras. The company is also known to provide services to Tesla.

This afternoon Kottmann teased by posting multiple images allegedly captured from surveillance cameras at Equinox, Tesla, and the Bank of Utah.

tesla surveillance camera
Image of a Tesla warehouse posted by the hacker
Source: Twitter

In the same Twitter thread, Kottmann shared images of what appeared to be root access to a Linux operating system. From these images, you can see the MAC address of one of the network cards, which corresponds to equipment developed by surveillance company Verkada.

Cloudflare shell
The hacker demonstrating having obtained shell access to Cloudflare and Tesla systems

After Bloomberg News, who first reported on this attack, contacted Verkada, the hackers lost access to the hacked super admin account.

“We have disabled all internal administrator accounts to prevent any unauthorized access,” a Verkada representative told Bloomberg. “Our internal security team and external security firm are investigating the scale and scope of this potential issue.”

The hashtag #OperationPanopticon associated with this cyberattack refers to Panopticon, a philosophical design concept.

Panopticon refers to a design of such a building in which captives (e.g., prisoners) cannot tell whether they are being watched by security personnel or not at a given moment.

This means, in a building with a large number of inmates, it may be impossible for one guard to monitor all of the inmates at the same time, yet because of the panopticon design ideology, every prisoner may fear being watched for they have no way of knowing if they are being watched.

BleepingComputer has reached out to Tesla, Cloudflare, Equinox, Verkada, and other alleged targets. We are awaiting their response. 

This is a developing story.