FTC fines security camera company $3 million

The Federal Trade Commission (FTC) has submitted an order to fine security camera company Verkada $2.9 million after the FTC found to have failed to protect customer information or implement proper security measures. Verkada was targeted by at least two security breaches between 2020 and 2022 which allowed threat actors to access sensitive data.

The company claimed to use ‘best-in-class data security tools’ and practices to keep customer data safe from unauthorized access. However, customers were apparently left vulnerable after hackers gained access to 150,000 live feeds from internet connected cameras, including in schools, prisons, and psychiatric hospitals.

The company was also found to be in violation of the CAN-SPAM Act, after sending customers marketing emails without offering the option to unsubscribe. The company reportedly sent 30 million emails over the span of three years.

Poor Practice

The FTC determined that Verkada did not adequately encrypt customer data, implement secure network controls, or require complex passwords - which meant customer information like emails, passwords, and full names were exposed. The company’s security practices allegedly fell short of HIPAA and Privacy Shield framework.

“When customers invite companies into private spaces to monitor consumers by using their security cameras and other products, they expect those companies to provide basic levels of security, which Verkada failed to do,” said Samuel Levine, Director of the FTC’s Bureau of Consumer Protection. “Companies that fail to secure and protect consumer data can expect to be held responsible.”

The complaint also alleges that Verkada misled customers by failing to disclose that some positive online reviews were written by employees and investors. Alongside the fine, Verkada will be required to implement a ‘comprehensive’ information security program with external assessment and audits. The security program must include multi-factor authentication and encryption for sensitive information.

Via Cybernews

More from TechRadar Pro

• Take a look at our best home security camera choices
• It's official — nearly all of us are much more productive when we work from home
• Check out our pick of the best small business software