FTC settles complaint over hacked security cameras
The government is requiring the marketer of Internet-connected home monitoring cameras to come up with a better security design after feeds from people's homes -- video from baby monitors and home security systems -- were posted online for public view.
In a settlement announced Wednesday, the Federal Trade Commission said lax security practices led to the breach by California-based TRENDnet.
The commission says the private lives of hundreds of consumers -- video of babies sleeping in cribs, young children playing, and adults going about their daily routines -- went public in January 2012 after a hacker exploited a security flaw in the company's software and posted links of video feeds to nearly 700 cameras.
In addition to addressing software security risks, the settlement also prohibits TRENDnet from misrepresenting the security of its cameras as well as requiring the company to design a better security program.
According to the commission, the cameras had faulty software that left them open to online viewing, and in some cases listening, by anyone with the Internet address of the cameras. The complaint says that, from at least April 2010, the company didn't use reasonable security to design and test its software.
TRENDnet sent user login credentials in clear, readable text over the Internet, the commission said, even though free software was available to secure those transmissions.
In a January statement, the company said it released an update that eliminated the hack. A request to TRENDnet for comment was not immediately answered.