Arcules CEO Threatens Over "Security Breach"

By: John Honovich, Published on Nov 25, 2019

An Arcules employee called out a recent 'security breach', however, Arcules CEO disputed this as 'inaccurate' and threatened to sue IPVM.

Inside this note, we examine:

  • What the Arcules employee claimed was a 'security breach'
  • Arcules CEO response and partial explanation of what happened
  • New VSaaS security concerns, not possible with VMSes
  • False claim that "Arcules is a fully compliant GDPR company"
  • Arcules CEO legal action threat
  • Problems at Arcules

** ******* ******** ****** out * ****** '******** breach', *******, ******* *** disputed **** ** '**********' and ********** ** *** IPVM.

****** **** ****, ** examine:

  • **** *** ******* ******** claimed *** * '******** breach'
  • ******* *** ******** *** partial *********** ** **** happened
  • *** ***** ******** ********, not ******** **** *****
  • ***** ***** **** "******* is * ***** ********* GDPR *******"
  • ******* *** ***** ****** threat
  • ******** ** *******

[***************]

'Security ******'

******** ******* ******** **** shared **** **** **** explained *** *********. *** key ****** **** ** Arcules ******** ****:

* **** **** ****. An ******* ********* *** added ** [********] ******* and ** ** ******* escalated.

**** ** * ******** breach ** ***** ***. Saying ** ** * bug ** ************.

**** ** * ******** matter ** [********] ******** it ***** **** * bug ** *** ****. Please ***** **** ** a ****-***. **** *** need ** ****** **** to *** **-**** ******** moving *******.

** ********, ** ******* employee **** **** *** situation *** **** ***** since *** ****'* **** did *** ******* *** outside ********** ***** ***** by *******:

*** *** ***** *** CIO ***** ***** *** system *** *** *** and ** ***** ** explanation *** ******* *** captured ***** **** ** the *** *****.

CEO ******** *** ******* ***********

***** ** ******** ******* CEO **** ** ******** this ************* *** ****** we ********* **** ****,******* *** ********* *** own ******** ****** *** *****:

*** **** ********* ***** this ******** *** **** Arcules **** ** ******** information *** **** *********:

** ** *****, ***** a **** ******** *** detailed ******** *************, ** know **** ** ** point *** *** ******** information **** ********* ** unauthorized *****, *** ** video ****, ******, *******, or ***** *********** *** accessed, ****, ** *********.

** ** ***** **** someone **** ******* ********** added ** ********** *** that *** *** **** saw **** ********** ****** inside ***** ******* *******. What ** ******* ** what *** ****** ** an ******* ********** ***** added ** ** *** user's ******* **.

** ***** ******* ** clarify, ******* ****** *********, "An ******* ********** ***** not **** ******".

**** ******* ** ***** to ******* ****** **** errors ** ******* **** the ******* ******* ****:

** ***'* ******** *** internal ******** *********, ****** to *** **** ** adjusted *** ******** ******* that **** **** ** the ******* ******

VSaaS ******** ******** ********

**** ** * *********** security ******* **** ***** providers - *** ** they ****** **** ***** employees, ********, ******, ***. do *** *** ****** to * ******** ******* that *** ***** ********?

** ** ********** ********* than *****. ** ** fundamentally ********** *** *********, as ** *******, ** give ****** ****** ** a ********'* ******** ****** for *** ****** ****** that ********* **** *** have ****** ** **** systems. **** ** * proverbial '*** ** *** head' *********, ** ** just *** ********.

**** *******, ******* ** is ******* ** ***** Eye ** ******* ** Verkada, ***., **** ** a ******* *******. *******, by **********, **** ******** access ** ***** ********'* video ************ ****** ********* internal ****** **** ***** local **** ******** (***** their ********** ** ******* are **-****).

** ******* *** ********** or *********** ***** ** integrator, ** ********, * random **********, ***. ****** to * ********'* *******. Arcules *** ***** ************ but ** ** *** from ***** *** **** are ******** **** **** does *** ******.

** *** ** ** an ***** *** *** VSaaS ********* *** ********** for **********-******* **** **** Arcules ***** ***** ********* are *** ***** ** shrug ********* *** *** "I ***'* **** ** you *** ** ** my *********".

False **** *****

*********** *** *******,******* ***'* ******** *********** ******:

**** ** ********** ****** and ************* ** *** same ****** ** ******* CEO '********* *** *****'.

** *** ****, ******* have ***** ***** **** claims ** *** ** Cloud **** ** ******* but **** ****** ** the ***** ** **** GDPR **********. ******* ******** as **** ** **:

******* ** ********* **** its ************ ***** ****.** **** ******* ******** policies, *********, *** ********** that ***** ******* ******* of ****.** *** ******* ** within *** **** ** the ******* **** ********** Regulation (****) ********** **** organizations *** ******* ** a **** ** *******. Arcules ** * ****** of *** ** ***** Code ** ******* *** recognizes ** **** *** make ******* ***** *********.

***** ******* ****** **** the ** ***** **** of ******* **** *** make ******* * '***** compliant **** *******' ** it ******, **** ****? We ***** ******* **** in * ******-** ******* one **** *** *** no ********.

******,***** ******, *** ************ **** runs **** **** ** Conduct ***** **** ****'* Charles ****** **** ****, confirming **** **** ** false:

** ********* *** ****, but ******* ******** **'* not *******. ** ***** be * ******* ** say **** ********* **** adhere ** *** *** are ************* **** *********. With ** ***, **** can *********** ********** [** the ****] ** **** of ***** ******** ** processors. *** *** ***** company.

********, ************** ********* ******* *** EU **** ** ******** **** ***,******* *** *** ********* even *** *********** ********** that **** *****.

*** **** *** *** trust * ******* **** pledges ************ *** ***** but ***** * ******* false ***** ***** ****? And **** ***** ************* does **** ***** ** buyers *** ******* ******* claim **** **** **** fully **** *********?

Legal ****** ******

****** *** ****, ******* CEO ********** ** *** us:

*** *********** ** ******* of ******* ************ *********** could ** ********* ** Arcules *** *** *********, and ** ***** **** be ********* ** **** legal ******.

** ***** ** ********* a **** **** ****** publishing:

*** ***** **** *** information *** ******** / shared ** **** ********, not **. *** ** do *** **** *** confidentiality ** ***-********** ********* with **** *******. **** we *** ***** **** is ******** **********. ** you ******, **** * recommend *** *********** **** us * ***** *** desist ****** ** **** attorneys *** ******* **** grounds *** *** ****** this ***** ******* **.

***** *** ** ******* response **** *******. *** there *** ****** ** grounds *** **** * threat. **** **** ********* us *** ****** ******* does *** ********** **** or ******* ****** **** was * ****** ***** tactic ******* **.

Problems ** *******

** ******, **** ** just *** **** ****** in ******* ******** ******* have ***, ** *** headcount ********* ** ******* in *** **** ****:

********** *** *** *********** management ********, **** **** *** / **** of ***** **** *****. ***, ** **** case *****, ******* ******* employees *** **-********* *** frustrated **** ******.

** ** *** * bit **********. ******* ** the '*****' ** ***** and *********, ** ** has *** *** ********, resources *** ***** * 'startup' ***** ****. ***, yet, ** *********.

** ***** ***** ***** and ********* **** ****** this *** *** ***, as ** ******, ******* in *** ****,******* ** ******* ******** for ********* ***, ** ** ** increasingly ******** *** ***** 'family' **** ****** ***.

Comments (18)

****, **** ** ******* the **** ** ******** I *** ******** **** ** **** ** the "**** ****** *** To ******** **** *******" discussion.

***** ******* ***** * lot ** *******, *** for **** ***** *** be **** ****** **** what **** **** ***** implement ** ***** ***, but **** ***** **** the ******** **** **** you *** ******** *** operator ** ** ******* than *** ***. (**, at ***** ** ***** as ***).

****'* * **** *****. So ******* ** ********* Hik-Connect? ***** ***** ******* do *** ***** ****? :)

** * **** ******* note, * ** ***** all ***** ***** ************ providers *** ***** ** have ** ********* ****** their ******* / ********** for ******** ****** ** accounts / *****. *** will ***** **** ** trust **** **** **** are ****** ** ******** / ******* *** ** least ** ******** ***** some ******* / ******* to ******** ******.

****'* * **** *****. So ******* ** ********* Hik-Connect? ***** ***** ******* do *** ***** ****? :)

*******. ** *** ******* access ** **** **** to * ***** ***** it ****** ** ********** secure. ** ***** ***** services ** ** ******** best ** ****** **** someone **** ** ******* at **** ****.

VSaaS ******** ******** ********

* ****** *** ***** VSaaS ********* *** ******* with ****.

#*, ** **** ** including **** ******** / topic ** ****** ***** tests *** *********, ******.

*'* ******* ******* ** the *******.

*****: ** *** ************ **** **** ******* CEO ** ******* ***** 'open'*** ***********', ** ******** comments:

***** ******** *** ** painful *** ******* ** deal ****, ******** ******* to ******** ***** ***'* thoughts *** ******* ** sharper ***** *** **** to ******* **** ******** and ****************.

*** ** * ****** integraor ***** ** *** account? ** ******* **** was ******* ** *** project *** *** *** supposed ** ** *****?

* ***'* **** *** the ********** *** ** how **** **** ******* [or ***] ** *** customer, **** **** *** customer ******** ******** ** them ***** ***** *** viewed ** ** * security ******.

**** ********* **** **** Andreas. **'* *** **** old "** *** *** victim ****" ***-*****. ******** the ******** ** * snitch **** **** ******** motive ** **** *** icing ** *** ****.

* **** ** ****** to ******* **** ******* is *** ****** ** worse **** ****** **** in ***** ******** ** account ******. ****'** ******** better **** ****** *** their **** **** ** Ukraine, *** ****'* ** extreme ******* - *** evidently********** ***'* ****** ****. I ***** ***'** **** that **** ** *** case **** ** ****.

** *********, *** ******** is ******* - **'* a ******** **** **** Arcules ********* ************ *** add **** ******** (*/* logging **!). **** *** probably ***** *** ******* as **** (******** */* having ** ****** * user ******* ** ***** customers ******). *** ******** many ***** *** ****** is ****: ** ****?

* ***** **'** ********* overestimating *** ***** ****** *** ************** ** *** ******* users, *** **'** ********* the ********** ** **. Only ** **** ** using ** ** **** each ***** **** *** head. *** *** ***** making *** ***** ** unreasonable *********** ***** ******* and ********** ******** ******'* razor.

**** ********* *** ** confusing ** ****** *********, who ****** *** ********* are ***** *******. *** employee **** ********* * security ****, *** ** their ********, *** ** met **** ****** *** meh's... ***** ******** **** the ******** *** **** no ******* **** *** company, *** **** ***** reaches *** ** ****, and *********** ** * *********** ****** ** ******** not ******* ***** *******.

** ** ****, ***** are ***** ***** ******** plays * ***** ****, but ****** **-*** *** takes ******** ********* ***** use * ***** ********, or **** ******** ****** their ***/***/*** ******** ** the ********.

*'* ******** **** *** whistleblower, ******, ***, ******** you **** ** **** him/her ** ** **** being ********** (** *******). I **** ****'* *** case, ********* **'* ****** clear **** **** ** not *** ***** ** share **** *********.

****** **-*** *** ***** security ********* ***** *** a ***** ********, ** even ******** ****** ***** VMS/NVR/DVR ******** ** *** Internet.

****'* *** *******. **** their ******** ********, * saw * ***** ********* that *** ********* ***** and ******* **** *** a ******* ********* **** that *** ***** (** at ***** ********) *******.

** ***** * ***** with *** ***** **** Ring ********* *** ****** about*** **** / ******* security ********, ******* ** ***** after ***** *** ************* customers **** ********** ****.

** **** *****, ******, I *** ********* ***** customers ***** **** ******** Arcules, ***** ***** ******* issues *** ******* ***** of ******* *****-********* ******* inside ***** ***********. **** said, ******* *** * lot ** ***** *** connections *** *********. *** question ******* *** ******* close / **** **** such ********.

****** **-*** *** ***** security*********

***** ********. **** ******* you're *** **** *** mean *** **** ** seriously.

********?

**** ** **** ******** - *********

**** ******* ***'** *** does *** **** *** take ** *********

***, ***** ********* ******* they **** ** *********. Now ******* **** ** or **** **** ********** of '***********' ** ******* question.

*** ***** ******** ** this ********** ***** ***** to *** ******* ***** a **** ****** ***** of *********** **** **** average **** ********, ******* we *** ***** ** that?

*'** ***** **** **** customer **** ** *********, and ******* (*********) ****'* - ***** ** *********. Since * *****'* **** the ******, * ***'* know *** **** *** whistleblower ****** *** **********, but ** ***** ** me **** ******** *** to *** *** *** last ****** *** ** here ** ***. **** users **** ****** ******** against ******, *** *****'* probably * *********** ****** in *** *** **** EULA ***** **** **** of *****.

*'** ***** **** **** it *********, *** ** weird ***; **** ** I *** "*******" ***** my ****** ** ******* a *** ** ******** about *** ************ ** a *** ********* *** worrying * ***, *** never ******** ********** *** living ** * **** of ******, ****** *** fried *******.

* ****** *** *** at *** ******* **** tell *** **** ***** chicken ** *** ******** bad *** ***, ************ ***** *** ***** granddad *** *** * bucket ** ******* ***** day, ****** ** ********** cigarettes * *** *** lived ** ** *** (he ******** **** ****** in ** ******** ******* since *** ****** *** of *).

****, * ** ************ here, *** ** *** question ** - *** an *** **** ********** expect * ****** ***** system, ***** - ********* - ******* ******** **** "secure" *****.

* *****, ** *********, it *** ** **** - *** **** * level **** **** * would ******** ****, ** I ***'* ***** *** clients *** ******** **** Arcules *** ******** **** it, *** **** ********* how ** ***** ******** (which ** *** * will ***** ** **** now **) ***** *** able ** *** **** random **** ** ***** account. **** **** ** thing **** ****** ***. Like **** *** *********** find * ******, ****** piece ** **** ** the ****** ** * restaurant, *** *** ***** (predictably) **** "**** *** a ***-**** ********, *** we ******* ** ***** up ****** ** *******!".

* ***** ****** ******* about ** * ****** longer, *'** *** ****: I ***** *****'* * case *** ***** **** for ********* **** *** serious ***** ********. *** question ** - *** do *** ***** **** a ***** ******** ** secure ******* ****** *** code ******** *********?

**** * *****. **** rules *** ************ ****/**** solutions:

*** ******** *** ** access ** *** ******** related **** ** **************.

* ********’* ************* *** no ****** ** **‘* own (*****) *******. **** a ********‘* ************* *** no ****** ** ** (we *** *** ** end **********).

*** *****/*************/******** *** ** be ********** ** * protected ********. * ************ of **** ******** *** to ** ********* ** documentated (** *** * blockchain).

***** *** ******* **** rules ******* ************ ******* providers **** ******* ********** from *** *********. *** they *** ********* ** well ***** **** ********** and **** ******** **** and *****. * ***** solution ******** ** * technical *** * ********** part. **** ** ******* her.

*****

* *** ******* ******* security ** **** **** "network ********" *** * packet ****** ** * router. ** **** **** very *** ****** *** access ** *** *** resources. **** ******* *** shifted ************. *** ******* is *** ***** ******** per **, ** ** that ***** ********* **** rely ** ***** *** not ** ** ***** about ******** ******** ** you ***. *** *******, I ***** *** ****** with ***** ***** *********** on * ****** **** on ***** ********. * see ****** **** *** casual ***** *** ************ they ******** ** ***** cellphones.*** ***** **** ***** is * ******* ***** with ******** ** ** IoT ***********, *** **** people **** **** ****** to * ******* ********, the **** ******** ** is.**** ***** *** ****** were ****** ******* * 3rd ***** ******* *** A/C *********** ********** ******* to ***** ***. **** malware ****** **** ******** thermostats ** *** ******** network. ** *** **** few ****** * **** spoken **** **** *********** that, ** ***** ***** for ********* *******, *** pushing ***** ********* **** Arcules. * ** *** suggesting **** ***** ******** should ***** ** **********. What * ** ********** is **** ** ** a ******** **** ****** not ** ***** *******. The ******** ***** *** not ********** *** *********** would ** **** ** cover ***** *** ******** strategies **** ***** *******.

******: ******* *** ******* its ***** **** *****,******** *** ****** * **** **** qualified / ******* *****:

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

Milestone CEO Resigns on Mar 11, 2020
Milestone's CEO has resigned, after 17 years on the job but there is no replacement yet. We argued last year that Milestone has problems. Now,...
ADT Acquires Much Maligned "Defenders" on Jan 07, 2020
"The Defenders" has the dubious distinction of being ADT's largest partner and a long history of customer and employee complaints and...
Verkada Salesman Falsely Alleges Competitor Bankruptcy on Jan 02, 2020
A Verkada salesman falsely told a large end-user that the user's VMS provider faced bankruptcy. Verkada management acknowledged the error to...
Stop Blaming Your Employee, Wyze on Dec 30, 2019
Wyze management is at fault for its massive data leak, not its 'employee', as it has centered the blame on. While blaming an employee is clever...
Wyze Massive Data Leak on Dec 26, 2019
Wyze has exposed millions of user's data, as reported by Twelve Security, and confirmed by IPVM, who has spoken with Twelve Security and reviewed...
Arcules CEO Retracts False GDPR Claim + Dahua and Milestone Claims Examined on Dec 03, 2019
Arcules CEO has retracted a false claim about his organization being a "fully compliant GDPR company" after IPVM reporting (Arcules CEO Threatens...
Wyze Fires Back at JCI - Your Patents Are Invalid, Pay All Of Our Costs on Nov 18, 2019
Goliath JCI targeted startup Wyze this summer alleging the fast-growing consumer startup was violating a slew of JCI's patents. Now, Wyze has...
ASCMA / Monitronics Declares Chapter 11 Bankruptcy on May 22, 2019
Monitronics is entering into Chapter 11 bankruptcy. The company, also called Ascent Capital Group Inc., aka ASCMA, aka Brinks Home Security,...
Milestone Alleges [Now Removed], Qognify Denies VMS "Running Out Of Support" on May 01, 2019
Milestone is running a marketing campaign where they allege that OnSSI and Seetec VMSes are 'running out of support'. However, Qognify's CEO flatly...
Verkada Salesman: IPVM "Stuck In A The Stone Age" on Apr 25, 2019
Verkada is 'tackling dinosaurs' and battling those, like IPVM, who are 'stuck in a the stone age'. Verkada's recent sales recruiting promotion...

Most Recent Industry Reports

Proxy Presents Mobile Credentials For BLE Devices and Access on May 29, 2020
Proxy presented Mobile Credentials For BLE Devices and Access at the May 2020 IPVM Startups show. Inside this report: A 30-minute video...
ISC West 2020 Moves To The Basement on May 29, 2020
The twice cancelled/postponed show will now not only be held in a different month (October) but on a different floor, moving down to the...
Integrators Avoiding Coronavirus Air Travel on May 29, 2020
IPVM asked integrators if air travel is part of their 2020 plans to see how significantly Coronavirus will impact future...
Viakoo Presents Cyber Hygiene for Cameras on May 28, 2020
Viakoo presented its 'Cyber Hygiene' and 'Service Assurance' products at the April 2020 IPVM New Products show. Inside this report: A...
Seek Scan Thermal Temperature Screening System ReTested on May 28, 2020
Now that IPVM has tested Dahua, Hikvision, and Sunell, we are returning to Seek, the first blackbody system we tested and retested it with our...
Directory of 110 "Fever" Camera Suppliers on May 28, 2020
This directory provides a list of "Fever" scanning thermal camera providers to help you see and research what options are available. There are...
Fever Cameras Are Medical Devices, Per The FDA, Dahua, Feevr, Hikvision, InVid Contrary Claims Are False on May 28, 2020
Fever cameras are medical devices, despite what euphemisms various sellers use. The US FDA clearly categorizes them as medical devices and...
Wyze Raises $10 Million And Seeks Services Expansion on May 27, 2020
Wyze has raised $10 million, the company's first disclosed raise since the $20 million announced at the beginning of 2019. Inside this note,...
"Fever Camera" Show June 2020 Next Tuesday on May 27, 2020
IPVM is excited for the world's first "Fever Camera" show, to be held next Tuesday June 2nd and Wednesday the 3rd from 11am to 3pm EDT, giving you...
Startup Videoloft Presents Cloud Storage on May 27, 2020
Videoloft presented offsite cloud storage at the May 2020 IPVM Startups show. A 30-minute video from Videoloft including IPVM...