Arcules CEO Threatens Over "Security Breach"

By John Honovich, Published Nov 25, 2019, 09:21am EST

An Arcules employee called out a recent 'security breach', however, Arcules CEO disputed this as 'inaccurate' and threatened to sue IPVM.

Inside this note, we examine:

  • What the Arcules employee claimed was a 'security breach'
  • Arcules CEO response and partial explanation of what happened
  • New VSaaS security concerns, not possible with VMSes
  • False claim that "Arcules is a fully compliant GDPR company"
  • Arcules CEO legal action threat
  • Problems at Arcules

'Security ******'

******** ******* ******** **** shared **** **** **** explained *** *********. *** key ****** **** ** Arcules ******** ****:

* **** **** ****. An ******* ********* *** added ** [********] ******* and ** ** ******* escalated.

**** ** * ******** breach ** ***** ***. Saying ** ** * bug ** ************.

**** ** * ******** matter ** [********] ******** it ***** **** * bug ** *** ****. Please ***** **** ** a ****-***. **** *** need ** ****** **** to *** **-**** ******** moving *******.

** ********, ** ******* employee **** **** *** situation *** **** ***** since *** ****'* **** did *** ******* *** outside ********** ***** ***** by *******:

*** *** ***** *** CIO ***** ***** *** system *** *** *** and ** ***** ** explanation *** ******* *** captured ***** **** ** the *** *****.

CEO ******** *** ******* ***********

***** ** ******** ******* CEO **** ** ******** this ************* *** ****** we ********* **** ****,******* *** ********* *** own ******** ****** *** *****:

*** **** ********* ***** this ******** *** **** Arcules **** ** ******** information *** **** *********:

** ** *****, ***** a **** ******** *** detailed ******** *************, ** know **** ** ** point *** *** ******** information **** ********* ** unauthorized *****, *** ** video ****, ******, *******, or ***** *********** *** accessed, ****, ** *********.

** ** ***** **** someone **** ******* ********** added ** ********** *** that *** *** **** saw **** ********** ****** inside ***** ******* *******. What ** ******* ** what *** ****** ** an ******* ********** ***** added ** ** *** user's ******* **.

** ***** ******* ** clarify, ******* ****** *********, "An ******* ********** ***** not **** ******".

**** ******* ** ***** to ******* ****** **** errors ** ******* **** the ******* ******* ****:

** ***'* ******** *** internal ******** *********, ****** to *** **** ** adjusted *** ******** ******* that **** **** ** the ******* ******

VSaaS ******** ******** ********

**** ** * *********** security ******* **** ***** providers - *** ** they ****** **** ***** employees, ********, ******, ***. do *** *** ****** to * ******** ******* that *** ***** ********?

** ** ********** ********* than *****. ** ** fundamentally ********** *** *********, as ** *******, ** give ****** ****** ** a ********'* ******** ****** for *** ****** ****** that ********* **** *** have ****** ** **** systems. **** ** * proverbial '*** ** *** head' *********, ** ** just *** ********.

**** *******, ******* ** is ******* ** ***** Eye ** ******* ** Verkada, ***., **** ** a ******* *******. *******, by **********, **** ******** access ** ***** ********'* video ************ ****** ********* internal ****** **** ***** local **** ******** (***** their ********** ** ******* are **-****).

** ******* *** ********** or *********** ***** ** integrator, ** ********, * random **********, ***. ****** to * ********'* *******. Arcules *** ***** ************ but ** ** *** from ***** *** **** are ******** **** **** does *** ******.

** *** ** ** an ***** *** *** VSaaS ********* *** ********** for **********-******* **** **** Arcules ***** ***** ********* are *** ***** ** shrug ********* *** *** "I ***'* **** ** you *** ** ** my *********".

False **** *****

*********** *** *******,******* ***'* ******** *********** ******:

**** ** ********** ****** and ************* ** *** same ****** ** ******* CEO '********* *** *****'.

** *** ****, ******* have ***** ***** **** claims ** *** ** Cloud **** ** ******* but **** ****** ** the ***** ** **** GDPR **********. ******* ******** as **** ** **:

******* ** ********* **** its ************ ***** ****.** **** ******* ******** policies, *********, *** ********** that ***** ******* ******* of ****.** *** ******* ** within *** **** ** the ******* **** ********** Regulation (****) ********** **** organizations *** ******* ** a **** ** *******. Arcules ** * ****** of *** ** ***** Code ** ******* *** recognizes ** **** *** make ******* ***** *********.

***** ******* ****** **** the ** ***** **** of ******* **** *** make ******* * '***** compliant **** *******' ** it ******, **** ****? We ***** ******* **** in * ******-** ******* one **** *** *** no ********.

******,***** ******, *** ************ **** runs **** **** ** Conduct ***** **** ****'* Charles ****** **** ****, confirming **** **** ** false:

** ********* *** ****, but ******* ******** **'* not *******. ** ***** be * ******* ** say **** ********* **** adhere ** *** *** are ************* **** *********. With ** ***, **** can *********** ********** [** the ****] ** **** of ***** ******** ** processors. *** *** ***** company.

********, ************** ********* ******* *** EU **** ** ******** **** ***,******* *** *** ********* even *** *********** ********** that **** *****.

*** **** *** *** trust * ******* **** pledges ************ *** ***** but ***** * ******* false ***** ***** ****? And **** ***** ************* does **** ***** ** buyers *** ******* ******* claim **** **** **** fully **** *********?

Legal ****** ******

****** *** ****, ******* CEO ********** ** *** us:

*** *********** ** ******* of ******* ************ *********** could ** ********* ** Arcules *** *** *********, and ** ***** **** be ********* ** **** legal ******.

** ***** ** ********* a **** **** ****** publishing:

*** ***** **** *** information *** ******** / shared ** **** ********, not **. *** ** do *** **** *** confidentiality ** ***-********** ********* with **** *******. **** we *** ***** **** is ******** **********. ** you ******, **** * recommend *** *********** **** us * ***** *** desist ****** ** **** attorneys *** ******* **** grounds *** *** ****** this ***** ******* **.

***** *** ** ******* response **** *******. *** there *** ****** ** grounds *** **** * threat. **** **** ********* us *** ****** ******* does *** ********** **** or ******* ****** **** was * ****** ***** tactic ******* **.

Problems ** *******

** ******, **** ** just *** **** ****** in ******* ******** ******* have ***, ** *** headcount ********* ** ******* in *** **** ****:

********** *** *** *********** management ********, **** **** *** / **** of ***** **** *****. ***, ** **** case *****, ******* ******* employees *** **-********* *** frustrated **** ******.

** ** *** * bit **********. ******* ** the '*****' ** ***** and *********, ** ** has *** *** ********, resources *** ***** * 'startup' ***** ****. ***, yet, ** *********.

** ***** ***** ***** and ********* **** ****** this *** *** ***, as ** ******, ******* in *** ****,******* ** ******* ******** for ********* ***, ** ** ** increasingly ******** *** ***** 'family' **** ****** ***.

Comments (18)

****, **** ** ******* the **** ** ******** I *** ******** **** ** **** ** the "**** ****** *** To ******** **** *******" discussion.

***** ******* ***** * lot ** *******, *** for **** ***** *** be **** ****** **** what **** **** ***** implement ** ***** ***, but **** ***** **** the ******** **** **** you *** ******** *** operator ** ** ******* than *** ***. (**, at ***** ** ***** as ***).

Agree: 9
Disagree
Informative: 2
Unhelpful
Funny

****'* * **** *****. So ******* ** ********* Hik-Connect? ***** ***** ******* do *** ***** ****? :)

** * **** ******* note, * ** ***** all ***** ***** ************ providers *** ***** ** have ** ********* ****** their ******* / ********** for ******** ****** ** accounts / *****. *** will ***** **** ** trust **** **** **** are ****** ** ******** / ******* *** ** least ** ******** ***** some ******* / ******* to ******** ******.

Agree: 11
Disagree
Informative
Unhelpful
Funny

****'* * **** *****. So ******* ** ********* Hik-Connect? ***** ***** ******* do *** ***** ****? :)

*******. ** *** ******* access ** **** **** to * ***** ***** it ****** ** ********** secure. ** ***** ***** services ** ** ******** best ** ****** **** someone **** ** ******* at **** ****.

Agree: 3
Disagree
Informative
Unhelpful
Funny

VSaaS ******** ******** ********

* ****** *** ***** VSaaS ********* *** ******* with ****.

Agree: 5
Disagree
Informative
Unhelpful
Funny

#*, ** **** ** including **** ******** / topic ** ****** ***** tests *** *********, ******.

Agree: 2
Disagree
Informative
Unhelpful
Funny

*'* ******* ******* ** the *******.

Agree: 1
Disagree
Informative
Unhelpful
Funny

*****: ** *** ************ **** **** ******* CEO ** ******* ***** 'open'*** ***********', ** ******** comments:

***** ******** *** ** painful *** ******* ** deal ****, ******** ******* to ******** ***** ***'* thoughts *** ******* ** sharper ***** *** **** to ******* **** ******** and ****************.

Agree: 3
Disagree
Informative
Unhelpful
Funny: 2

*** ** * ****** integraor ***** ** *** account? ** ******* **** was ******* ** *** project *** *** *** supposed ** ** *****?

Agree: 2
Disagree
Informative
Unhelpful
Funny

* ***'* **** *** the ********** *** ** how **** **** ******* [or ***] ** *** customer, **** **** *** customer ******** ******** ** them ***** ***** *** viewed ** ** * security ******.

Agree
Disagree
Informative
Unhelpful
Funny

**** ********* **** **** Andreas. **'* *** **** old "** *** *** victim ****" ***-*****. ******** the ******** ** * snitch **** **** ******** motive ** **** *** icing ** *** ****.

* **** ** ****** to ******* **** ******* is *** ****** ** worse **** ****** **** in ***** ******** ** account ******. ****'** ******** better **** ****** *** their **** **** ** Ukraine, *** ****'* ** extreme ******* - *** evidently********** ***'* ****** ****. I ***** ***'** **** that **** ** *** case **** ** ****.

** *********, *** ******** is ******* - **'* a ******** **** **** Arcules ********* ************ *** add **** ******** (*/* logging **!). **** *** probably ***** *** ******* as **** (******** */* having ** ****** * user ******* ** ***** customers ******). *** ******** many ***** *** ****** is ****: ** ****?

* ***** **'** ********* overestimating *** ***** ****** *** ************** ** *** ******* users, *** **'** ********* the ********** ** **. Only ** **** ** using ** ** **** each ***** **** *** head. *** *** ***** making *** ***** ** unreasonable *********** ***** ******* and ********** ******** ******'* razor.

**** ********* *** ** confusing ** ****** *********, who ****** *** ********* are ***** *******. *** employee **** ********* * security ****, *** ** their ********, *** ** met **** ****** *** meh's... ***** ******** **** the ******** *** **** no ******* **** *** company, *** **** ***** reaches *** ** ****, and *********** ** * *********** ****** ** ******** not ******* ***** *******.

** ** ****, ***** are ***** ***** ******** plays * ***** ****, but ****** **-*** *** takes ******** ********* ***** use * ***** ********, or **** ******** ****** their ***/***/*** ******** ** the ********.

*'* ******** **** *** whistleblower, ******, ***, ******** you **** ** **** him/her ** ** **** being ********** (** *******). I **** ****'* *** case, ********* **'* ****** clear **** **** ** not *** ***** ** share **** *********.

Agree: 1
Disagree: 1
Informative: 2
Unhelpful: 1
Funny

****** **-*** *** ***** security ********* ***** *** a ***** ********, ** even ******** ****** ***** VMS/NVR/DVR ******** ** *** Internet.

****'* *** *******. **** their ******** ********, * saw * ***** ********* that *** ********* ***** and ******* **** *** a ******* ********* **** that *** ***** (** at ***** ********) *******.

** ***** * ***** with *** ***** **** Ring ********* *** ****** about*** **** / ******* security ********, ******* ** ***** after ***** *** ************* customers **** ********** ****.

** **** *****, ******, I *** ********* ***** customers ***** **** ******** Arcules, ***** ***** ******* issues *** ******* ***** of ******* *****-********* ******* inside ***** ***********. **** said, ******* *** * lot ** ***** *** connections *** *********. *** question ******* *** ******* close / **** **** such ********.

Agree: 2
Disagree
Informative: 3
Unhelpful
Funny

****** **-*** *** ***** security*********

***** ********. **** ******* you're *** **** *** mean *** **** ** seriously.

********?

**** ** **** ******** - *********

Agree: 2
Disagree: 1
Informative
Unhelpful
Funny

**** ******* ***'** *** does *** **** *** take ** *********

***, ***** ********* ******* they **** ** *********. Now ******* **** ** or **** **** ********** of '***********' ** ******* question.

*** ***** ******** ** this ********** ***** ***** to *** ******* ***** a **** ****** ***** of *********** **** **** average **** ********, ******* we *** ***** ** that?

Agree: 1
Disagree
Informative
Unhelpful
Funny

*'** ***** **** **** customer **** ** *********, and ******* (*********) ****'* - ***** ** *********. Since * *****'* **** the ******, * ***'* know *** **** *** whistleblower ****** *** **********, but ** ***** ** me **** ******** *** to *** *** *** last ****** *** ** here ** ***. **** users **** ****** ******** against ******, *** *****'* probably * *********** ****** in *** *** **** EULA ***** **** **** of *****.

*'** ***** **** **** it *********, *** ** weird ***; **** ** I *** "*******" ***** my ****** ** ******* a *** ** ******** about *** ************ ** a *** ********* *** worrying * ***, *** never ******** ********** *** living ** * **** of ******, ****** *** fried *******.

* ****** *** *** at *** ******* **** tell *** **** ***** chicken ** *** ******** bad *** ***, ************ ***** *** ***** granddad *** *** * bucket ** ******* ***** day, ****** ** ********** cigarettes * *** *** lived ** ** *** (he ******** **** ****** in ** ******** ******* since *** ****** *** of *).

****, * ** ************ here, *** ** *** question ** - *** an *** **** ********** expect * ****** ***** system, ***** - ********* - ******* ******** **** "secure" *****.

* *****, ** *********, it *** ** **** - *** **** * level **** **** * would ******** ****, ** I ***'* ***** *** clients *** ******** **** Arcules *** ******** **** it, *** **** ********* how ** ***** ******** (which ** *** * will ***** ** **** now **) ***** *** able ** *** **** random **** ** ***** account. **** **** ** thing **** ****** ***. Like **** *** *********** find * ******, ****** piece ** **** ** the ****** ** * restaurant, *** *** ***** (predictably) **** "**** *** a ***-**** ********, *** we ******* ** ***** up ****** ** *******!".

* ***** ****** ******* about ** * ****** longer, *'** *** ****: I ***** *****'* * case *** ***** **** for ********* **** *** serious ***** ********. *** question ** - *** do *** ***** **** a ***** ******** ** secure ******* ****** *** code ******** *********?

Agree
Disagree
Informative: 2
Unhelpful
Funny

**** * *****. **** rules *** ************ ****/**** solutions:

*** ******** *** ** access ** *** ******** related **** ** **************.

* ********’* ************* *** no ****** ** **‘* own (*****) *******. **** a ********‘* ************* *** no ****** ** ** (we *** *** ** end **********).

*** *****/*************/******** *** ** be ********** ** * protected ********. * ************ of **** ******** *** to ** ********* ** documentated (** *** * blockchain).

***** *** ******* **** rules ******* ************ ******* providers **** ******* ********** from *** *********. *** they *** ********* ** well ***** **** ********** and **** ******** **** and *****. * ***** solution ******** ** * technical *** * ********** part. **** ** ******* her.

*****

Agree: 3
Disagree
Informative: 3
Unhelpful
Funny

* *** ******* ******* security ** **** **** "network ********" *** * packet ****** ** * router. ** **** **** very *** ****** *** access ** *** *** resources. **** ******* *** shifted ************. *** ******* is *** ***** ******** per **, ** ** that ***** ********* **** rely ** ***** *** not ** ** ***** about ******** ******** ** you ***. *** *******, I ***** *** ****** with ***** ***** *********** on * ****** **** on ***** ********. * see ****** **** *** casual ***** *** ************ they ******** ** ***** cellphones.*** ***** **** ***** is * ******* ***** with ******** ** ** IoT ***********, *** **** people **** **** ****** to * ******* ********, the **** ******** ** is.**** ***** *** ****** were ****** ******* * 3rd ***** ******* *** A/C *********** ********** ******* to ***** ***. **** malware ****** **** ******** thermostats ** *** ******** network. ** *** **** few ****** * **** spoken **** **** *********** that, ** ***** ***** for ********* *******, *** pushing ***** ********* **** Arcules. * ** *** suggesting **** ***** ******** should ***** ** **********. What * ** ********** is **** ** ** a ******** **** ****** not ** ***** *******. The ******** ***** *** not ********** *** *********** would ** **** ** cover ***** *** ******** strategies **** ***** *******.

Agree: 1
Disagree
Informative: 1
Unhelpful
Funny

******: ******* *** ******* its ***** **** *****,******** *** ****** * **** **** qualified / ******* *****:

Agree
Disagree
Informative: 2
Unhelpful
Funny

Agree
Disagree
Informative
Unhelpful
Funny: 2
Read this IPVM report for free.

This article is part of IPVM's 6,956 reports, 927 tests and is only available to members. To get a one-time preview of our work, enter your work email to access the full article.

Already a member? Login here | Join now
Loading Related Reports