Security service provider: employee spies on customers having sex via cameras

For more than five years, a service technician in the U.S. used his company's security cameras to peek into the bedrooms of more than 200 customers.

Telesforo Aviles, a 35-year-old former employee of home and office security company ADT, took advantage of his position at the U.S.-based firm to observe customers in intimate situations for more than five years. He admitted as much last Thursday in a district court in the U.S. state of Texas, pleading guilty to computer fraud, among other charges. As the English-language tech website Ars Technica reports, he now faces up to five years in prison.

According to the confession, Aviles kept a list of customer households with attractive women, to whose customer accounts he added his email address. This gave him access to the mobile app for ADT's Pulse service, which allows users to remotely turn lights on or off, disable or reactivate alarms, or view the image from cameras. When asked by the customer, Aviles said he needed access to test the security features. Instead, he used the app over 9600 times to watch the women - preferably when they were naked, or having sex.

What could prove particularly problematic for Aviles is that at least one of the women was a minor at the time. The defendant accessed the cameras in her home alone nearly 100 times.

ADT says it reported its employee's illegal conduct to prosecutors as soon as the company became aware of it and is cooperating with the FBI and prosecutors' investigations. Nevertheless, several parties are filing class action lawsuits against ADT.

One of them represents the customers' minor family members. The core allegation is that ADT advertised its service as a way to keep an eye on children and pets remotely, but failed to implement adequate safeguards. These should have included two-factor authentication or SMS notifications when a new user logs in.

With such electronic monitoring systems, the customer or user must always be aware of the potential for abuse. It doesn't matter whether he hires a service provider or takes the equipment into his own hands. Time and again, security loopholes are made public with which such systems can be cracked and eavesdropped on or otherwise misused.

Comments

Post a Comment

Popular posts from this blog

Chrome targeted by criminals: Why users need to update quickly now

A security vulnerability in Google Chrome is currently being exploited by cyber criminals. Malware could land on your PC through it. Read here how you can protect yourself. The Google Chrome browser is currently struggling with some security vulnerabilities. In a blog post , Google warns about a total of seven vulnerabilities, with the majority of these gaps being classified as a "high" threat to users. The vulnerabilities have been fixed in the latest version of Chrome for Windows, Linux and macOS. If you have Chrome version 90.0.4430.85 installed, it can no longer be exploited. If you have an older version of the browser installed, you should update urgently. You can find the download of the new version below these lines. Smartphone users do not have to be afraid of the security vulnerability. Google has not had to take any security measures here for the time being. The security vulnerability probably remained undiscovered by cyber criminals for the time being. So far, noth...
Read more

Face and voice recognition: Why TikTok wants to be allowed to collect biometric data in the USA

TikTok's privacy policy for the US now mentions the collection of biometric data from faces and voices. The background is likely to be a legal dispute that cost the company $92 million. Neue Datenschutzbestimmungen sind oft eher etwas für Juristen, doch die jüngste Aktualisierung von TikTok sollte alle Nutzerinnen und Nutzer in den USA aufhorchen lassen. Denn in den am 2. Juni aktualisierten Datenschutzbestimmungen für die USA ist ein Abschnitt enthalten, den es zuvor nicht gab. Er lautet übersetzt: »Wir sammeln möglicherweise biometrische Identifikationsmerkmale und biometrische Informationen, wie sie im US-Recht definiert sind, wie etwa von deinem Gesicht und deiner Stimme, aus deinen Inhalten.« Im englischsprachigen Original ist von »faceprint« und »voiceprint« die Rede. »Bevor wir damit anfangen«, frage man jedoch nach dem Einverständnis, wenn dies gesetzlich nötig sei, fügte noch TikTok hinzu. In response to an initial inquiry from "TechCrunch" about the ba...
Read more

Microsoft Teams, Zoom, WebEx: Berlin authority warns against popular video systems

After an initial data protection audit, some video service providers have made improvements to their offerings. But the Berlin data protection commissioner still sees serious shortcomings. The State Commissioner for Data Protection in Berlin (Germany), Maja Smoltczyk, advises against using leading video conferencing systems such as Microsoft Teams, Skype, Zoom, Google Meet, GoToMeeting, Teamviewer and Cisco WebEx. The reason is a retest of various offerings. After a number of services had already failed a test of data protection requirements last year, a new test of the major providers did not reveal any substantial improvement. Smoltczyk said that she was pleased "that our comments had persuaded so many providers to improve their offerings, in some cases very significantly, in terms of data protection". There are now enough legally compliant services for a wide range of purposes that there is no reason to break data protection law for video conferencing. However, if a provid...
Read more