Arcules CEO Threatens Over "Security Breach"

By: John Honovich, Published on Nov 25, 2019

An Arcules employee called out a recent 'security breach', however, Arcules CEO disputed this as 'inaccurate' and threatened to sue IPVM.

Inside this note, we examine:

  • What the Arcules employee claimed was a 'security breach'
  • Arcules CEO response and partial explanation of what happened
  • New VSaaS security concerns, not possible with VMSes
  • False claim that "Arcules is a fully compliant GDPR company"
  • Arcules CEO legal action threat
  • Problems at Arcules

** ******* ******** ****** out * ****** '******** breach', *******, ******* *** disputed **** ** '**********' and ********** ** *** IPVM.

****** **** ****, ** examine:

  • **** *** ******* ******** claimed *** * '******** breach'
  • ******* *** ******** *** partial *********** ** **** happened
  • *** ***** ******** ********, not ******** **** *****
  • ***** ***** **** "******* is * ***** ********* GDPR *******"
  • ******* *** ***** ****** threat
  • ******** ** *******

[***************]

'Security ******'

******** ******* ******** **** shared **** **** **** explained *** *********. *** key ****** **** ** Arcules ******** ****:

* **** **** ****. An ******* ********* *** added ** [********] ******* and ** ** ******* escalated.

**** ** * ******** breach ** ***** ***. Saying ** ** * bug ** ************.

**** ** * ******** matter ** [********] ******** it ***** **** * bug ** *** ****. Please ***** **** ** a ****-***. **** *** need ** ****** **** to *** **-**** ******** moving *******.

** ********, ** ******* employee **** **** *** situation *** **** ***** since *** ****'* **** did *** ******* *** outside ********** ***** ***** by *******:

*** *** ***** *** CIO ***** ***** *** system *** *** *** and ** ***** ** explanation *** ******* *** captured ***** **** ** the *** *****.

CEO ******** *** ******* ***********

***** ** ******** ******* CEO **** ** ******** this ************* *** ****** we ********* **** ****,******* *** ********* *** own ******** ****** *** *****:

*** **** ********* ***** this ******** *** **** Arcules **** ** ******** information *** **** *********:

** ** *****, ***** a **** ******** *** detailed ******** *************, ** know **** ** ** point *** *** ******** information **** ********* ** unauthorized *****, *** ** video ****, ******, *******, or ***** *********** *** accessed, ****, ** *********.

** ** ***** **** someone **** ******* ********** added ** ********** *** that *** *** **** saw **** ********** ****** inside ***** ******* *******. What ** ******* ** what *** ****** ** an ******* ********** ***** added ** ** *** user's ******* **.

** ***** ******* ** clarify, ******* ****** *********, "An ******* ********** ***** not **** ******".

**** ******* ** ***** to ******* ****** **** errors ** ******* **** the ******* ******* ****:

** ***'* ******** *** internal ******** *********, ****** to *** **** ** adjusted *** ******** ******* that **** **** ** the ******* ******

VSaaS ******** ******** ********

**** ** * *********** security ******* **** ***** providers - *** ** they ****** **** ***** employees, ********, ******, ***. do *** *** ****** to * ******** ******* that *** ***** ********?

** ** ********** ********* than *****. ** ** fundamentally ********** *** *********, as ** *******, ** give ****** ****** ** a ********'* ******** ****** for *** ****** ****** that ********* **** *** have ****** ** **** systems. **** ** * proverbial '*** ** *** head' *********, ** ** just *** ********.

**** *******, ******* ** is ******* ** ***** Eye ** ******* ** Verkada, ***., **** ** a ******* *******. *******, by **********, **** ******** access ** ***** ********'* video ************ ****** ********* internal ****** **** ***** local **** ******** (***** their ********** ** ******* are **-****).

** ******* *** ********** or *********** ***** ** integrator, ** ********, * random **********, ***. ****** to * ********'* *******. Arcules *** ***** ************ but ** ** *** from ***** *** **** are ******** **** **** does *** ******.

** *** ** ** an ***** *** *** VSaaS ********* *** ********** for **********-******* **** **** Arcules ***** ***** ********* are *** ***** ** shrug ********* *** *** "I ***'* **** ** you *** ** ** my *********".

False **** *****

*********** *** *******,******* ***'* ******** *********** ******:

**** ** ********** ****** and ************* ** *** same ****** ** ******* CEO '********* *** *****'.

** *** ****, ******* have ***** ***** **** claims ** *** ** Cloud **** ** ******* but **** ****** ** the ***** ** **** GDPR **********. ******* ******** as **** ** **:

******* ** ********* **** its ************ ***** ****.** **** ******* ******** policies, *********, *** ********** that ***** ******* ******* of ****.** *** ******* ** within *** **** ** the ******* **** ********** Regulation (****) ********** **** organizations *** ******* ** a **** ** *******. Arcules ** * ****** of *** ** ***** Code ** ******* *** recognizes ** **** *** make ******* ***** *********.

***** ******* ****** **** the ** ***** **** of ******* **** *** make ******* * '***** compliant **** *******' ** it ******, **** ****? We ***** ******* **** in * ******-** ******* one **** *** *** no ********.

******,***** ******, *** ************ **** runs **** **** ** Conduct ***** **** ****'* Charles ****** **** ****, confirming **** **** ** false:

** ********* *** ****, but ******* ******** **'* not *******. ** ***** be * ******* ** say **** ********* **** adhere ** *** *** are ************* **** *********. With ** ***, **** can *********** ********** [** the ****] ** **** of ***** ******** ** processors. *** *** ***** company.

********, ************** ********* ******* *** EU **** ** ******** **** ***,******* *** *** ********* even *** *********** ********** that **** *****.

*** **** *** *** trust * ******* **** pledges ************ *** ***** but ***** * ******* false ***** ***** ****? And **** ***** ************* does **** ***** ** buyers *** ******* ******* claim **** **** **** fully **** *********?

Legal ****** ******

****** *** ****, ******* CEO ********** ** *** us:

*** *********** ** ******* of ******* ************ *********** could ** ********* ** Arcules *** *** *********, and ** ***** **** be ********* ** **** legal ******.

** ***** ** ********* a **** **** ****** publishing:

*** ***** **** *** information *** ******** / shared ** **** ********, not **. *** ** do *** **** *** confidentiality ** ***-********** ********* with **** *******. **** we *** ***** **** is ******** **********. ** you ******, **** * recommend *** *********** **** us * ***** *** desist ****** ** **** attorneys *** ******* **** grounds *** *** ****** this ***** ******* **.

***** *** ** ******* response **** *******. *** there *** ****** ** grounds *** **** * threat. **** **** ********* us *** ****** ******* does *** ********** **** or ******* ****** **** was * ****** ***** tactic ******* **.

Problems ** *******

** ******, **** ** just *** **** ****** in ******* ******** ******* have ***, ** *** headcount ********* ** ******* in *** **** ****:

********** *** *** *********** management ********, **** **** *** / **** of ***** **** *****. ***, ** **** case *****, ******* ******* employees *** **-********* *** frustrated **** ******.

** ** *** * bit **********. ******* ** the '*****' ** ***** and *********, ** ** has *** *** ********, resources *** ***** * 'startup' ***** ****. ***, yet, ** *********.

** ***** ***** ***** and ********* **** ****** this *** *** ***, as ** ******, ******* in *** ****,******* ** ******* ******** for ********* ***, ** ** ** increasingly ******** *** ***** 'family' **** ****** ***.

Comments (18)

****, **** ** ******* the **** ** ******** I *** ******** **** ** **** ** the "**** ****** *** To ******** **** *******" discussion.

***** ******* ***** * lot ** *******, *** for **** ***** *** be **** ****** **** what **** **** ***** implement ** ***** ***, but **** ***** **** the ******** **** **** you *** ******** *** operator ** ** ******* than *** ***. (**, at ***** ** ***** as ***).

****'* * **** *****. So ******* ** ********* Hik-Connect? ***** ***** ******* do *** ***** ****? :)

** * **** ******* note, * ** ***** all ***** ***** ************ providers *** ***** ** have ** ********* ****** their ******* / ********** for ******** ****** ** accounts / *****. *** will ***** **** ** trust **** **** **** are ****** ** ******** / ******* *** ** least ** ******** ***** some ******* / ******* to ******** ******.

****'* * **** *****. So ******* ** ********* Hik-Connect? ***** ***** ******* do *** ***** ****? :)

*******. ** *** ******* access ** **** **** to * ***** ***** it ****** ** ********** secure. ** ***** ***** services ** ** ******** best ** ****** **** someone **** ** ******* at **** ****.

VSaaS ******** ******** ********

* ****** *** ***** VSaaS ********* *** ******* with ****.

#*, ** **** ** including **** ******** / topic ** ****** ***** tests *** *********, ******.

*'* ******* ******* ** the *******.

*****: ** *** ************ **** **** ******* CEO ** ******* ***** 'open'*** ***********', ** ******** comments:

***** ******** *** ** painful *** ******* ** deal ****, ******** ******* to ******** ***** ***'* thoughts *** ******* ** sharper ***** *** **** to ******* **** ******** and ****************.

*** ** * ****** integraor ***** ** *** account? ** ******* **** was ******* ** *** project *** *** *** supposed ** ** *****?

* ***'* **** *** the ********** *** ** how **** **** ******* [or ***] ** *** customer, **** **** *** customer ******** ******** ** them ***** ***** *** viewed ** ** * security ******.

**** ********* **** **** Andreas. **'* *** **** old "** *** *** victim ****" ***-*****. ******** the ******** ** * snitch **** **** ******** motive ** **** *** icing ** *** ****.

* **** ** ****** to ******* **** ******* is *** ****** ** worse **** ****** **** in ***** ******** ** account ******. ****'** ******** better **** ****** *** their **** **** ** Ukraine, *** ****'* ** extreme ******* - *** evidently********** ***'* ****** ****. I ***** ***'** **** that **** ** *** case **** ** ****.

** *********, *** ******** is ******* - **'* a ******** **** **** Arcules ********* ************ *** add **** ******** (*/* logging **!). **** *** probably ***** *** ******* as **** (******** */* having ** ****** * user ******* ** ***** customers ******). *** ******** many ***** *** ****** is ****: ** ****?

* ***** **'** ********* overestimating *** ***** ****** *** ************** ** *** ******* users, *** **'** ********* the ********** ** **. Only ** **** ** using ** ** **** each ***** **** *** head. *** *** ***** making *** ***** ** unreasonable *********** ***** ******* and ********** ******** ******'* razor.

**** ********* *** ** confusing ** ****** *********, who ****** *** ********* are ***** *******. *** employee **** ********* * security ****, *** ** their ********, *** ** met **** ****** *** meh's... ***** ******** **** the ******** *** **** no ******* **** *** company, *** **** ***** reaches *** ** ****, and *********** ** * *********** ****** ** ******** not ******* ***** *******.

** ** ****, ***** are ***** ***** ******** plays * ***** ****, but ****** **-*** *** takes ******** ********* ***** use * ***** ********, or **** ******** ****** their ***/***/*** ******** ** the ********.

*'* ******** **** *** whistleblower, ******, ***, ******** you **** ** **** him/her ** ** **** being ********** (** *******). I **** ****'* *** case, ********* **'* ****** clear **** **** ** not *** ***** ** share **** *********.

****** **-*** *** ***** security ********* ***** *** a ***** ********, ** even ******** ****** ***** VMS/NVR/DVR ******** ** *** Internet.

****'* *** *******. **** their ******** ********, * saw * ***** ********* that *** ********* ***** and ******* **** *** a ******* ********* **** that *** ***** (** at ***** ********) *******.

** ***** * ***** with *** ***** **** Ring ********* *** ****** about*** **** / ******* security ********, ******* ** ***** after ***** *** ************* customers **** ********** ****.

** **** *****, ******, I *** ********* ***** customers ***** **** ******** Arcules, ***** ***** ******* issues *** ******* ***** of ******* *****-********* ******* inside ***** ***********. **** said, ******* *** * lot ** ***** *** connections *** *********. *** question ******* *** ******* close / **** **** such ********.

****** **-*** *** ***** security*********

***** ********. **** ******* you're *** **** *** mean *** **** ** seriously.

********?

**** ** **** ******** - *********

**** ******* ***'** *** does *** **** *** take ** *********

***, ***** ********* ******* they **** ** *********. Now ******* **** ** or **** **** ********** of '***********' ** ******* question.

*** ***** ******** ** this ********** ***** ***** to *** ******* ***** a **** ****** ***** of *********** **** **** average **** ********, ******* we *** ***** ** that?

*'** ***** **** **** customer **** ** *********, and ******* (*********) ****'* - ***** ** *********. Since * *****'* **** the ******, * ***'* know *** **** *** whistleblower ****** *** **********, but ** ***** ** me **** ******** *** to *** *** *** last ****** *** ** here ** ***. **** users **** ****** ******** against ******, *** *****'* probably * *********** ****** in *** *** **** EULA ***** **** **** of *****.

*'** ***** **** **** it *********, *** ** weird ***; **** ** I *** "*******" ***** my ****** ** ******* a *** ** ******** about *** ************ ** a *** ********* *** worrying * ***, *** never ******** ********** *** living ** * **** of ******, ****** *** fried *******.

* ****** *** *** at *** ******* **** tell *** **** ***** chicken ** *** ******** bad *** ***, ************ ***** *** ***** granddad *** *** * bucket ** ******* ***** day, ****** ** ********** cigarettes * *** *** lived ** ** *** (he ******** **** ****** in ** ******** ******* since *** ****** *** of *).

****, * ** ************ here, *** ** *** question ** - *** an *** **** ********** expect * ****** ***** system, ***** - ********* - ******* ******** **** "secure" *****.

* *****, ** *********, it *** ** **** - *** **** * level **** **** * would ******** ****, ** I ***'* ***** *** clients *** ******** **** Arcules *** ******** **** it, *** **** ********* how ** ***** ******** (which ** *** * will ***** ** **** now **) ***** *** able ** *** **** random **** ** ***** account. **** **** ** thing **** ****** ***. Like **** *** *********** find * ******, ****** piece ** **** ** the ****** ** * restaurant, *** *** ***** (predictably) **** "**** *** a ***-**** ********, *** we ******* ** ***** up ****** ** *******!".

* ***** ****** ******* about ** * ****** longer, *'** *** ****: I ***** *****'* * case *** ***** **** for ********* **** *** serious ***** ********. *** question ** - *** do *** ***** **** a ***** ******** ** secure ******* ****** *** code ******** *********?

**** * *****. **** rules *** ************ ****/**** solutions:

*** ******** *** ** access ** *** ******** related **** ** **************.

* ********’* ************* *** no ****** ** **‘* own (*****) *******. **** a ********‘* ************* *** no ****** ** ** (we *** *** ** end **********).

*** *****/*************/******** *** ** be ********** ** * protected ********. * ************ of **** ******** *** to ** ********* ** documentated (** *** * blockchain).

***** *** ******* **** rules ******* ************ ******* providers **** ******* ********** from *** *********. *** they *** ********* ** well ***** **** ********** and **** ******** **** and *****. * ***** solution ******** ** * technical *** * ********** part. **** ** ******* her.

*****

* *** ******* ******* security ** **** **** "network ********" *** * packet ****** ** * router. ** **** **** very *** ****** *** access ** *** *** resources. **** ******* *** shifted ************. *** ******* is *** ***** ******** per **, ** ** that ***** ********* **** rely ** ***** *** not ** ** ***** about ******** ******** ** you ***. *** *******, I ***** *** ****** with ***** ***** *********** on * ****** **** on ***** ********. * see ****** **** *** casual ***** *** ************ they ******** ** ***** cellphones.*** ***** **** ***** is * ******* ***** with ******** ** ** IoT ***********, *** **** people **** **** ****** to * ******* ********, the **** ******** ** is.**** ***** *** ****** were ****** ******* * 3rd ***** ******* *** A/C *********** ********** ******* to ***** ***. **** malware ****** **** ******** thermostats ** *** ******** network. ** *** **** few ****** * **** spoken **** **** *********** that, ** ***** ***** for ********* *******, *** pushing ***** ********* **** Arcules. * ** *** suggesting **** ***** ******** should ***** ** **********. What * ** ********** is **** ** ** a ******** **** ****** not ** ***** *******. The ******** ***** *** not ********** *** *********** would ** **** ** cover ***** *** ******** strategies **** ***** *******.

******: ******* *** ******* its ***** **** *****,******** *** ****** * **** **** qualified / ******* *****:

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

Milestone Alleges [Now Removed], Qognify Denies VMS "Running Out Of Support" on May 01, 2019
Milestone is running a marketing campaign where they allege that OnSSI and Seetec VMSes are 'running out of support'. However, Qognify's CEO flatly...
Verkada Salesman: IPVM "Stuck In A The Stone Age" on Apr 25, 2019
Verkada is 'tackling dinosaurs' and battling those, like IPVM, who are 'stuck in a the stone age'. Verkada's recent sales recruiting promotion...
Milestone CEO Resigns on Mar 11, 2020
Milestone's CEO has resigned, after 17 years on the job but there is no replacement yet. We argued last year that Milestone has problems. Now,...
ADT Acquires Much Maligned "Defenders" on Jan 07, 2020
"The Defenders" has the dubious distinction of being ADT's largest partner and a long history of customer and employee complaints and...
Arcules CEO Retracts False GDPR Claim + Dahua and Milestone Claims Examined on Dec 03, 2019
Arcules CEO has retracted a false claim about his organization being a "fully compliant GDPR company" after IPVM reporting (Arcules CEO Threatens...
Wyze Massive Data Leak on Dec 26, 2019
Wyze has exposed millions of user's data, as reported by Twelve Security, and confirmed by IPVM, who has spoken with Twelve Security and reviewed...
Stop Blaming Your Employee, Wyze on Dec 30, 2019
Wyze management is at fault for its massive data leak, not its 'employee', as it has centered the blame on. While blaming an employee is clever...
Verkada Salesman Falsely Alleges Competitor Bankruptcy on Jan 02, 2020
A Verkada salesman falsely told a large end-user that the user's VMS provider faced bankruptcy. Verkada management acknowledged the error to...
Wyze Fires Back at JCI - Your Patents Are Invalid, Pay All Of Our Costs on Nov 18, 2019
Goliath JCI targeted startup Wyze this summer alleging the fast-growing consumer startup was violating a slew of JCI's patents. Now, Wyze has...
ASCMA / Monitronics Declares Chapter 11 Bankruptcy on May 22, 2019
Monitronics is entering into Chapter 11 bankruptcy. The company, also called Ascent Capital Group Inc., aka ASCMA, aka Brinks Home Security,...

Most Recent Industry Reports

Pivot3 Mass Layoffs on Mar 27, 2020
Pivot3 has conducted mass layoffs, the culmination of grand hopes, a quarter of a billion dollars in VC funding, and multiple failures to gain...
Athena CEO Criticizes 'Deplorable' 'Nitpicking', IPVM Refutes on Mar 27, 2020
Athena Security's CEO Lisa Falzone has strongly objected to IPVM's reporting on Athena, calling it 'deplorable' and repeatedly criticizing IPVM's...
Hikvision Admits Sanctions Harming Its Financial Performance on Mar 27, 2020
While Hikvision initially downplayed being sanctioned for human rights abuses, the company is now admitting a significant impact in a new PRC...
New Axis M30 Cameras Tested on Mar 26, 2020
Axis has released a new generation of, for them, relatively low cost M30 series cameras, claiming to deliver "sharp video quality even in poor...
Coronavirus Shuts Down ADT Door Knockers on Mar 26, 2020
Coronavirus has another victim - this time, alarm giant ADT has stopped all door to door sales. Door knockers are a critical but controversial...
Access Control Course Spring 2020 - Save $50 Last Day on Mar 26, 2020
Register Now - Spring 2020 Access Control Course. Today, March 26th is the last day to save $50. IPVM offers the most comprehensive access...
Convergint Coronavirus Cuts on Mar 25, 2020
One of the world's largest security integrators, Convergint, has made a major move to handle the impact of coronavirus, with cuts across the...
VSaaS 101 on Mar 25, 2020
Video Surveillance as a Service (VSaaS) is the common industry term for cloud video. But what does it mean? How does it all work? Inside this...
TVT / InVid Facial Recognition Tested on Mar 25, 2020
Facial recognition is frequently sold for thousands of dollars per channel but some China manufacturers are offering full facial recognition...
IPVM Launches On-Demand Courses on Mar 24, 2020
For nearly a decade, IPVM has been a leader in online live courses. Now, we have added on-demand versions for all courses. The same course...