Videocam flaw broadcast hundreds of baby monitor and home security feeds
Web Services // Other Critical Infrastructure
Vendor TRENDnet settled Federal Trade Commission charges that its lax security practices exposed the private lives of hundreds of consumers to the public through the Web. “The cameras had faulty software that left them open to online viewing, and in some instances listening, by anyone with the cameras’ Internet address,” the FTC reports.
Since at least April 2010, the company failed to use reasonable security to design and test its software, including the password setting feature. According to the complaint, a hacker in January 2012 published the exploit online and then others began posting links to the live feeds of nearly 700 of the cameras.
“The feeds displayed babies asleep in their cribs, young children playing, and adults going about their daily lives.”
TRENDnet also transmitted user logins in clear, readable text over the Internet.
During a separate breach in August, an unknown man swore at a sleeping toddler through a hacked monitor.
ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.
Original Report:
ftc.gov/opa/2013/09/trendnet.shtm
NEXT STORY: A Quantum Cryptography Network That Even NSA Can’t Hack