Swiss authorities raid home of hacker potentially responsible for breaching surveillance cameras

Swiss authorities raid home of hacker potentially responsible for breaching surveillance cameras
© Getty Images

Swiss law enforcement raided the home of a hacker potentially responsible for breaching around 150,000 surveillance cameras, exposing sensitive footage from homes, hospitals and prisons. 

A spokesperson for Switzerland’s Federal Office of Justice told The Hill on Monday that police in Lucerne, Switzerland, carried out a home search Friday at the request of the U.S. government on a residence connected to the hacker who claimed credit for the breach, declining to name those involved. 

The Associated Press reported that the house belonged to a hacker known as Tillie Kottmann, and that electronics were taken from the home as part of the raid. The FBI told the publication that it was “aware of law enforcement activity carried out in Switzerland,” but had no further comment. 

ADVERTISEMENT

The raid comes a week after Bloomberg News first reported that hackers had breached security camera data from tech group Verkada, allowing access to video archives of all Verkada customers, including Tesla, Cloudflare, psychiatric hospitals, women’s clinics, schools and private residences. 

According to Bloomberg News, Kottmann claimed responsibility for the breach, which was carried out by the international hacking group that Kottmann is a part of, as a way to bring attention to how easily surveillance systems can be compromised. 

Bloomberg News reported Monday that the raid was carried out on the home for a previous alleged hacking incident tied to Kottmann, and not the recent Verkada breach. 

Verkada has begun an investigation into the hack, posting an update on its website Monday noting that all impacted customers had been notified of the breach and that customers that had not received a notification had not been compromised. 

“It is important to note that our investigation remains ongoing and we have engaged a third party firm, Mandiant, to conduct their own investigation,” Verkada CISO Kyle Randolph wrote. “If we discover that your organization’s image or video was accessed, we will notify you promptly.”

In addition, the company in a separate post last week confirmed it had notified the FBI of the breach and planned to undertake a security overhaul in the next 100 days to strengthen its surveillance products against hacking efforts. 

“As the attack earlier this week showed, we fell short of our goals for ourselves and your expectations for us,” Verkada co-founder and CEO Filip Kaliszan wrote last week. “We promised that you would have control, and this incident has shown us that we have failed to keep that promise – we are deeply sorry.”

The hacking incident comes as cybersecurity has been increasingly in the spotlight due to two major recent cyber espionage incidents impacting thousands of public and private groups around the world. 

The first incident, what has become known as the SolarWinds hack, was likely carried out by Russian hackers, and according to the Biden administration compromised at least nine federal agencies and 100 private sector groups for a year prior to discovery. 

The second incident involves recently uncovered vulnerabilities in Microsoft Exchange Server, security flaws that were used by at least one major Chinese hacking group to gain access to systems of potentially thousands of U.S. and international groups. Both incidents are still under investigation.