Security equipment company settles charges it didn't keep client information secure

A company that sells Internet-connected security cameras has settled charges with the FTC that it failed to properly secure the access to the feeds from those cameras.

According to the FTC, TRENDnet sold its SecurView cameras for things like home security and baby monitoring. Consumers were supposed to be able to use the web to securely view the feeds from the cameras.

The company was accused of failing to use "reasonable security to design and test its software."

"As a result of this failure, hundreds of consumers' private camera feeds were made public on the Internet," the FTC wrote in a statement.

In 2012, hackers used the flaw to publicly post live feeds from nearly 700 of the cameras.

"The feeds displayed babies asleep in their cribs, young children playing, and adults going about their daily lives," the FTC wrote.

TRENDnet was also accused of transmitting user login credentials in an unencrypted, readable format.

Under the terms of the company's settlement they are prohibited from misrepresenting the security features of its cameras and software, required to establish an information security program and obtain third-party assessments of its security programs every two years for the next 20 years.

The FTC voted unanimously to accept the settlement. It will be subject to public comment for 30 days before the commission will vote on making the deal final.

Although the company is still selling internet cameras through its website, the page for the SecurView line appears to be blank. The cameras are available elsewhere.

Print this article Back to Top