"Lawmakers have called on the Federal Trade Commission to investigate Flock Safety, a company that operates license plate scanning cameras, for allegedly failing to implement cybersecurity protections that expose its camera network to hackers and spies. In a letter sent by Sen. Ron Wyden (D-OR) and Rep. Raja Krishnamoorthi (D-IL, 8th), the lawmakers urge FTC Chairman Andrew Ferguson to probe why Flock does not enforce the use of multi-factor authentication (MFA), a security protection that prevents malicious access by someone with knowledge of the account holder's password."
"Wyden and Krishnamoorthi said that if hackers or foreign spies learn of a law enforcement user's password, "they can gain access to law-enforcement-only areas of Flock's website and search the billions of photos of Americans' license plates collected by taxpayer-funded cameras across the country." Flock operates one of the largest networks of cameras and license plate readers in the U.S., providing access to more than 5,000 police departments, as well as private businesses, across the country."
"The lawmakers said that they had found evidence that some of Flock's law enforcement customers' logins had been previously stolen and shared online, citing data from Hudson Rock, a cybersecurity company that identifies usernames and passwords stolen by information-stealing malware. Independent security researcher Benn Jordan also provided the lawmakers with a screenshot showing a Russian cybercrime forum allegedly selling access to Flock logins."
Sen. Ron Wyden and Rep. Raja Krishnamoorthi requested an FTC investigation into Flock Safety for not enforcing multi-factor authentication (MFA) on its license-plate scanning platform. Flock offers MFA to law enforcement customers but does not require its use, which creates risk if credentials are compromised. Attackers who obtain law enforcement passwords could access restricted areas and search billions of license-plate photos collected by taxpayer-funded cameras. Flock operates a nationwide network serving more than 5,000 police departments and private businesses. Evidence cited includes previously stolen logins and an alleged Russian forum selling Flock access.
Read at TechCrunch
Unable to calculate read time
Collection
[
|
...
]