FTC and TrendNet settle claim over hacked security cameras
The camera maker settles a claim after hundreds of its home security cameras were hacked and videos of babies sleeping and children playing were published on the Web.
The US Federal Trade Commission filed a complaint against security camera maker TrendNet for allegedly misrepresenting its software as "secure." The complaint came after hackers breached TrendNet's Web site and accessed videos from 700 users' live-camera feeds -- many of these videos were published on the Internet.
TrendNet agreed to settle the claim on Wednesday, according to Reuters.
The company's wireless cameras are basically Webcams that laptops or phones. These cameras can be mounted wherever people need a video feed. According to TrendNet, the cameras are used to monitor "babies at home, patients in the hospital, offices and banks, and more."to users'
These cameras are registered at TrendNet's Web site. In 2012, a hacker was able to breach the Web site, bypass users' login credentials, and access live-feeds from the wireless cameras.
"The hacker posted information about the breach online; thereafter, hackers posted links to the live feeds for nearly 700 of respondent's IP cameras," the FTC wrote in its complaint (PDF). "Among other things, these compromised live feeds displayed private areas of users' homes and allowed the unauthorized surveillance of infants sleeping in their cribs, young children playing, and adults engaging in typical daily activities."
Under the terms of the settlement, TrendNet cannot misrepresent its software as "secure" and must get an independent assessment of its security programs once a year for 20 years, according to Reuters.
For its part, TrendNet said that once it learned of the hack it immediately updated its firmware and reached out to users who owned the vulnerable security cameras. The company also said that working with the FTC has helped it improve the security of its products.
"TrendNet has worked closely with the FTC throughout this process," TrendNet said in a statement on Wednesday. "The product hack and the subsequent FTC action was used as an opportunity to improve best practices which support augmented product security for existing and future products. Furthermore, a systematic security review process from an accredited third party entity helps maintain best practices into the future."