Arcules CEO Threatens Over "Security Breach"

By: John Honovich, Published on Nov 25, 2019

An Arcules employee called out a recent 'security breach', however, Arcules CEO disputed this as 'inaccurate' and threatened to sue IPVM.

Inside this note, we examine:

  • What the Arcules employee claimed was a 'security breach'
  • Arcules CEO response and partial explanation of what happened
  • New VSaaS security concerns, not possible with VMSes
  • False claim that "Arcules is a fully compliant GDPR company"
  • Arcules CEO legal action threat
  • Problems at Arcules

** ******* ******** ****** out * ****** '******** breach', *******, ******* *** disputed **** ** '**********' and ********** ** *** IPVM.

****** **** ****, ** examine:

  • **** *** ******* ******** claimed *** * '******** breach'
  • ******* *** ******** *** partial *********** ** **** happened
  • *** ***** ******** ********, not ******** **** *****
  • ***** ***** **** "******* is * ***** ********* GDPR *******"
  • ******* *** ***** ****** threat
  • ******** ** *******

[***************]

'Security ******'

******** ******* ******** **** shared **** **** **** explained *** *********. *** key ****** **** ** Arcules ******** ****:

* **** **** ****. An ******* ********* *** added ** [********] ******* and ** ** ******* escalated.

**** ** * ******** breach ** ***** ***. Saying ** ** * bug ** ************.

**** ** * ******** matter ** [********] ******** it ***** **** * bug ** *** ****. Please ***** **** ** a ****-***. **** *** need ** ****** **** to *** **-**** ******** moving *******.

** ********, ** ******* employee **** **** *** situation *** **** ***** since *** ****'* **** did *** ******* *** outside ********** ***** ***** by *******:

*** *** ***** *** CIO ***** ***** *** system *** *** *** and ** ***** ** explanation *** ******* *** captured ***** **** ** the *** *****.

CEO ******** *** ******* ***********

***** ** ******** ******* CEO **** ** ******** this ************* *** ****** we ********* **** ****,******* *** ********* *** own ******** ****** *** *****:

*** **** ********* ***** this ******** *** **** Arcules **** ** ******** information *** **** *********:

** ** *****, ***** a **** ******** *** detailed ******** *************, ** know **** ** ** point *** *** ******** information **** ********* ** unauthorized *****, *** ** video ****, ******, *******, or ***** *********** *** accessed, ****, ** *********.

** ** ***** **** someone **** ******* ********** added ** ********** *** that *** *** **** saw **** ********** ****** inside ***** ******* *******. What ** ******* ** what *** ****** ** an ******* ********** ***** added ** ** *** user's ******* **.

** ***** ******* ** clarify, ******* ****** *********, "An ******* ********** ***** not **** ******".

**** ******* ** ***** to ******* ****** **** errors ** ******* **** the ******* ******* ****:

** ***'* ******** *** internal ******** *********, ****** to *** **** ** adjusted *** ******** ******* that **** **** ** the ******* ******

VSaaS ******** ******** ********

**** ** * *********** security ******* **** ***** providers - *** ** they ****** **** ***** employees, ********, ******, ***. do *** *** ****** to * ******** ******* that *** ***** ********?

** ** ********** ********* than *****. ** ** fundamentally ********** *** *********, as ** *******, ** give ****** ****** ** a ********'* ******** ****** for *** ****** ****** that ********* **** *** have ****** ** **** systems. **** ** * proverbial '*** ** *** head' *********, ** ** just *** ********.

**** *******, ******* ** is ******* ** ***** Eye ** ******* ** Verkada, ***., **** ** a ******* *******. *******, by **********, **** ******** access ** ***** ********'* video ************ ****** ********* internal ****** **** ***** local **** ******** (***** their ********** ** ******* are **-****).

** ******* *** ********** or *********** ***** ** integrator, ** ********, * random **********, ***. ****** to * ********'* *******. Arcules *** ***** ************ but ** ** *** from ***** *** **** are ******** **** **** does *** ******.

** *** ** ** an ***** *** *** VSaaS ********* *** ********** for **********-******* **** **** Arcules ***** ***** ********* are *** ***** ** shrug ********* *** *** "I ***'* **** ** you *** ** ** my *********".

False **** *****

*********** *** *******,******* ***'* ******** *********** ******:

**** ** ********** ****** and ************* ** *** same ****** ** ******* CEO '********* *** *****'.

** *** ****, ******* have ***** ***** **** claims ** *** ** Cloud **** ** ******* but **** ****** ** the ***** ** **** GDPR **********. ******* ******** as **** ** **:

******* ** ********* **** its ************ ***** ****.** **** ******* ******** policies, *********, *** ********** that ***** ******* ******* of ****.** *** ******* ** within *** **** ** the ******* **** ********** Regulation (****) ********** **** organizations *** ******* ** a **** ** *******. Arcules ** * ****** of *** ** ***** Code ** ******* *** recognizes ** **** *** make ******* ***** *********.

***** ******* ****** **** the ** ***** **** of ******* **** *** make ******* * '***** compliant **** *******' ** it ******, **** ****? We ***** ******* **** in * ******-** ******* one **** *** *** no ********.

******,***** ******, *** ************ **** runs **** **** ** Conduct ***** **** ****'* Charles ****** **** ****, confirming **** **** ** false:

** ********* *** ****, but ******* ******** **'* not *******. ** ***** be * ******* ** say **** ********* **** adhere ** *** *** are ************* **** *********. With ** ***, **** can *********** ********** [** the ****] ** **** of ***** ******** ** processors. *** *** ***** company.

********, ************** ********* ******* *** EU **** ** ******** **** ***,******* *** *** ********* even *** *********** ********** that **** *****.

*** **** *** *** trust * ******* **** pledges ************ *** ***** but ***** * ******* false ***** ***** ****? And **** ***** ************* does **** ***** ** buyers *** ******* ******* claim **** **** **** fully **** *********?

Legal ****** ******

****** *** ****, ******* CEO ********** ** *** us:

*** *********** ** ******* of ******* ************ *********** could ** ********* ** Arcules *** *** *********, and ** ***** **** be ********* ** **** legal ******.

** ***** ** ********* a **** **** ****** publishing:

*** ***** **** *** information *** ******** / shared ** **** ********, not **. *** ** do *** **** *** confidentiality ** ***-********** ********* with **** *******. **** we *** ***** **** is ******** **********. ** you ******, **** * recommend *** *********** **** us * ***** *** desist ****** ** **** attorneys *** ******* **** grounds *** *** ****** this ***** ******* **.

***** *** ** ******* response **** *******. *** there *** ****** ** grounds *** **** * threat. **** **** ********* us *** ****** ******* does *** ********** **** or ******* ****** **** was * ****** ***** tactic ******* **.

Problems ** *******

** ******, **** ** just *** **** ****** in ******* ******** ******* have ***, ** *** headcount ********* ** ******* in *** **** ****:

********** *** *** *********** management ********, **** **** *** / **** of ***** **** *****. ***, ** **** case *****, ******* ******* employees *** **-********* *** frustrated **** ******.

** ** *** * bit **********. ******* ** the '*****' ** ***** and *********, ** ** has *** *** ********, resources *** ***** * 'startup' ***** ****. ***, yet, ** *********.

** ***** ***** ***** and ********* **** ****** this *** *** ***, as ** ******, ******* in *** ****,******* ** ******* ******** for ********* ***, ** ** ** increasingly ******** *** ***** 'family' **** ****** ***.

Comments (18)

****, **** ** ******* the **** ** ******** I *** ******** **** ** **** ** the "**** ****** *** To ******** **** *******" discussion.

***** ******* ***** * lot ** *******, *** for **** ***** *** be **** ****** **** what **** **** ***** implement ** ***** ***, but **** ***** **** the ******** **** **** you *** ******** *** operator ** ** ******* than *** ***. (**, at ***** ** ***** as ***).

****'* * **** *****. So ******* ** ********* Hik-Connect? ***** ***** ******* do *** ***** ****? :)

** * **** ******* note, * ** ***** all ***** ***** ************ providers *** ***** ** have ** ********* ****** their ******* / ********** for ******** ****** ** accounts / *****. *** will ***** **** ** trust **** **** **** are ****** ** ******** / ******* *** ** least ** ******** ***** some ******* / ******* to ******** ******.

****'* * **** *****. So ******* ** ********* Hik-Connect? ***** ***** ******* do *** ***** ****? :)

*******. ** *** ******* access ** **** **** to * ***** ***** it ****** ** ********** secure. ** ***** ***** services ** ** ******** best ** ****** **** someone **** ** ******* at **** ****.

VSaaS ******** ******** ********

* ****** *** ***** VSaaS ********* *** ******* with ****.

#*, ** **** ** including **** ******** / topic ** ****** ***** tests *** *********, ******.

*'* ******* ******* ** the *******.

*****: ** *** ************ **** **** ******* CEO ** ******* ***** 'open'*** ***********', ** ******** comments:

***** ******** *** ** painful *** ******* ** deal ****, ******** ******* to ******** ***** ***'* thoughts *** ******* ** sharper ***** *** **** to ******* **** ******** and ****************.

*** ** * ****** integraor ***** ** *** account? ** ******* **** was ******* ** *** project *** *** *** supposed ** ** *****?

* ***'* **** *** the ********** *** ** how **** **** ******* [or ***] ** *** customer, **** **** *** customer ******** ******** ** them ***** ***** *** viewed ** ** * security ******.

**** ********* **** **** Andreas. **'* *** **** old "** *** *** victim ****" ***-*****. ******** the ******** ** * snitch **** **** ******** motive ** **** *** icing ** *** ****.

* **** ** ****** to ******* **** ******* is *** ****** ** worse **** ****** **** in ***** ******** ** account ******. ****'** ******** better **** ****** *** their **** **** ** Ukraine, *** ****'* ** extreme ******* - *** evidently********** ***'* ****** ****. I ***** ***'** **** that **** ** *** case **** ** ****.

** *********, *** ******** is ******* - **'* a ******** **** **** Arcules ********* ************ *** add **** ******** (*/* logging **!). **** *** probably ***** *** ******* as **** (******** */* having ** ****** * user ******* ** ***** customers ******). *** ******** many ***** *** ****** is ****: ** ****?

* ***** **'** ********* overestimating *** ***** ****** *** ************** ** *** ******* users, *** **'** ********* the ********** ** **. Only ** **** ** using ** ** **** each ***** **** *** head. *** *** ***** making *** ***** ** unreasonable *********** ***** ******* and ********** ******** ******'* razor.

**** ********* *** ** confusing ** ****** *********, who ****** *** ********* are ***** *******. *** employee **** ********* * security ****, *** ** their ********, *** ** met **** ****** *** meh's... ***** ******** **** the ******** *** **** no ******* **** *** company, *** **** ***** reaches *** ** ****, and *********** ** * *********** ****** ** ******** not ******* ***** *******.

** ** ****, ***** are ***** ***** ******** plays * ***** ****, but ****** **-*** *** takes ******** ********* ***** use * ***** ********, or **** ******** ****** their ***/***/*** ******** ** the ********.

*'* ******** **** *** whistleblower, ******, ***, ******** you **** ** **** him/her ** ** **** being ********** (** *******). I **** ****'* *** case, ********* **'* ****** clear **** **** ** not *** ***** ** share **** *********.

****** **-*** *** ***** security ********* ***** *** a ***** ********, ** even ******** ****** ***** VMS/NVR/DVR ******** ** *** Internet.

****'* *** *******. **** their ******** ********, * saw * ***** ********* that *** ********* ***** and ******* **** *** a ******* ********* **** that *** ***** (** at ***** ********) *******.

** ***** * ***** with *** ***** **** Ring ********* *** ****** about*** **** / ******* security ********, ******* ** ***** after ***** *** ************* customers **** ********** ****.

** **** *****, ******, I *** ********* ***** customers ***** **** ******** Arcules, ***** ***** ******* issues *** ******* ***** of ******* *****-********* ******* inside ***** ***********. **** said, ******* *** * lot ** ***** *** connections *** *********. *** question ******* *** ******* close / **** **** such ********.

****** **-*** *** ***** security*********

***** ********. **** ******* you're *** **** *** mean *** **** ** seriously.

********?

**** ** **** ******** - *********

**** ******* ***'** *** does *** **** *** take ** *********

***, ***** ********* ******* they **** ** *********. Now ******* **** ** or **** **** ********** of '***********' ** ******* question.

*** ***** ******** ** this ********** ***** ***** to *** ******* ***** a **** ****** ***** of *********** **** **** average **** ********, ******* we *** ***** ** that?

*'** ***** **** **** customer **** ** *********, and ******* (*********) ****'* - ***** ** *********. Since * *****'* **** the ******, * ***'* know *** **** *** whistleblower ****** *** **********, but ** ***** ** me **** ******** *** to *** *** *** last ****** *** ** here ** ***. **** users **** ****** ******** against ******, *** *****'* probably * *********** ****** in *** *** **** EULA ***** **** **** of *****.

*'** ***** **** **** it *********, *** ** weird ***; **** ** I *** "*******" ***** my ****** ** ******* a *** ** ******** about *** ************ ** a *** ********* *** worrying * ***, *** never ******** ********** *** living ** * **** of ******, ****** *** fried *******.

* ****** *** *** at *** ******* **** tell *** **** ***** chicken ** *** ******** bad *** ***, ************ ***** *** ***** granddad *** *** * bucket ** ******* ***** day, ****** ** ********** cigarettes * *** *** lived ** ** *** (he ******** **** ****** in ** ******** ******* since *** ****** *** of *).

****, * ** ************ here, *** ** *** question ** - *** an *** **** ********** expect * ****** ***** system, ***** - ********* - ******* ******** **** "secure" *****.

* *****, ** *********, it *** ** **** - *** **** * level **** **** * would ******** ****, ** I ***'* ***** *** clients *** ******** **** Arcules *** ******** **** it, *** **** ********* how ** ***** ******** (which ** *** * will ***** ** **** now **) ***** *** able ** *** **** random **** ** ***** account. **** **** ** thing **** ****** ***. Like **** *** *********** find * ******, ****** piece ** **** ** the ****** ** * restaurant, *** *** ***** (predictably) **** "**** *** a ***-**** ********, *** we ******* ** ***** up ****** ** *******!".

* ***** ****** ******* about ** * ****** longer, *'** *** ****: I ***** *****'* * case *** ***** **** for ********* **** *** serious ***** ********. *** question ** - *** do *** ***** **** a ***** ******** ** secure ******* ****** *** code ******** *********?

**** * *****. **** rules *** ************ ****/**** solutions:

*** ******** *** ** access ** *** ******** related **** ** **************.

* ********’* ************* *** no ****** ** **‘* own (*****) *******. **** a ********‘* ************* *** no ****** ** ** (we *** *** ** end **********).

*** *****/*************/******** *** ** be ********** ** * protected ********. * ************ of **** ******** *** to ** ********* ** documentated (** *** * blockchain).

***** *** ******* **** rules ******* ************ ******* providers **** ******* ********** from *** *********. *** they *** ********* ** well ***** **** ********** and **** ******** **** and *****. * ***** solution ******** ** * technical *** * ********** part. **** ** ******* her.

*****

* *** ******* ******* security ** **** **** "network ********" *** * packet ****** ** * router. ** **** **** very *** ****** *** access ** *** *** resources. **** ******* *** shifted ************. *** ******* is *** ***** ******** per **, ** ** that ***** ********* **** rely ** ***** *** not ** ** ***** about ******** ******** ** you ***. *** *******, I ***** *** ****** with ***** ***** *********** on * ****** **** on ***** ********. * see ****** **** *** casual ***** *** ************ they ******** ** ***** cellphones.*** ***** **** ***** is * ******* ***** with ******** ** ** IoT ***********, *** **** people **** **** ****** to * ******* ********, the **** ******** ** is.**** ***** *** ****** were ****** ******* * 3rd ***** ******* *** A/C *********** ********** ******* to ***** ***. **** malware ****** **** ******** thermostats ** *** ******** network. ** *** **** few ****** * **** spoken **** **** *********** that, ** ***** ***** for ********* *******, *** pushing ***** ********* **** Arcules. * ** *** suggesting **** ***** ******** should ***** ** **********. What * ** ********** is **** ** ** a ******** **** ****** not ** ***** *******. The ******** ***** *** not ********** *** *********** would ** **** ** cover ***** *** ******** strategies **** ***** *******.

******: ******* *** ******* its ***** **** *****,******** *** ****** * **** **** qualified / ******* *****:

Login to read this IPVM report.

Related Reports

Verkada: "IPVM Should Never Be Your Source of News" on Jul 02, 2020
Verkada was unhappy with IPVM's recent coverage declaring that reading IPVM...
ZKTeco SpeedFace+ Are Medical Devices, Per FDA Definition, Contrary Claims Are False on Jun 12, 2020
ZKTeco SpeedFace+ series products are medical devices as defined by the US...
"He Is An Idiot!" Exclaims SIA Director John Mack on Mar 23, 2020
Here is another inside look into the "leaders" of the security industry. SIA...
Delayed Egress Access Control Tutorial on Feb 04, 2020
Delayed Egress marks one of the few times locking people into a building is...
Athena CEO Criticizes 'Deplorable' 'Nitpicking', IPVM Refutes on Mar 27, 2020
Athena Security's CEO Lisa Falzone has strongly objected to IPVM's reporting...
Terrible Convergint Coronavirus Thermal Camera Recommendation on Apr 01, 2020
A week after Convergint disclosed falling revenue, pay and job cuts,...
Beware Of Feevr on Apr 14, 2020
Beware of "Feevr". The company is marketing a 'Feevr' solution that...
ADT: 'Fever' Cameras Are Medical Devices on Jun 15, 2020
While many manufacturers are avoiding admitting their 'fever' cameras are...
Dahua USA Admits Thermal Solutions "Qualify As Medical Devices" on Jul 02, 2020
Dahua USA has issued a press release admitting a controversial point in the...
ISC News Fakes Fever Screening, Falsely Quotes FDA on Jun 18, 2020
ISC News, the Reed publication behind the ISC East and West trade shows, has...
UK Stands Behind Hikvision But Controversy Continues on Feb 18, 2020
Hikvision is exhibiting at a UK government conference for law enforcement,...
Hikvision Admits Sanctions Harming Its Financial Performance on Mar 27, 2020
While Hikvision initially downplayed being sanctioned for human rights...
Dahua Critical Cloud Vulnerabilities on May 12, 2020
Dahua has acknowledged a series of cloud vulnerabilities that researcher...
Faked Coronavirus Fever Detection, Athena Used Hikvision; Responds - Selling NDAA Compliant Cameras, Pledging 50% Of Profits to Victims on Mar 24, 2020
US company, Athena Security, faked its coronavirus fever detection marketing,...
Convergint Refuses To Fix Faked Fever Marketing, FTC Complaint Filed on Jun 19, 2020
Since Convergint has refused to fix their faked fever camera marketing, IPVM...

Recent Reports

False: Verkada: "If You Want To Remote View Your Cameras You Need To Punch Holes In Your Firewall" on Jul 31, 2020
Verkada falsely declared to “3,000+ customers”, “300 school districts”, and...
US GSA Explains NDAA 889 Part B Blacklisting on Jul 31, 2020
With the 'Blacklist Clause' going into effect August 13 that bans the US...
Access Control Online Show July 2020 - On-Demand Recording of 45+ Manufacturers Presentations on Jul 30, 2020
The show featured 48 Access Control presentations, all now recorded and...
Face Detection Shootout - Dahua, Hanwha, Hikvision, Uniview, Vivotek on Jul 30, 2020
Face detection analytics are available from a number of manufactures...
Sunell is The First China Manufacturer to Market NDAA Compliance on Jul 30, 2020
Most China manufacturers are going to be impacted by the NDAA 'Blacklist...
Ink Labs Relabels China YCX Fever Camera And Steals Dahua's Marketing on Jul 30, 2020
A US company marketed a 'thermal temperature scanner' as its own, selling...
Genetec and Dahua-Backed Intelbras Split Examined on Jul 29, 2020
China is the cause of the breakup between Canada's and Brazil's largest video...
This YouTuber is Now Selling ThermoHealth Temperature Screening on Jul 29, 2020
An enterprising 20-year old is mass marketing medical devices on Facebook and...
Hikvision Returns To Growth Driven By Overseas Fever Cameras on Jul 29, 2020
While Hikvision's revenue fell in Q1 2020, it rebounded in Q2 attributed to...
Brazil's Biggest Domestic Surveillance Company Intelbras Profile on Jul 29, 2020
While Intelbras is not widely known outside of Latin America, Intelbras is a...
The Kiosk Market Pivots To Temperature Screening (Interviewed) on Jul 28, 2020
Video surveillance is not the only market that has pivoted to medical device...
Integrator Acquisitions 'A Good Market' During COVID-19, Says Greybeards on Jul 28, 2020
Industry broker Ron Davis of the "Greybeards" says that the integrator and...
Keypads For Access Control Tutorial on Jul 28, 2020
Keypad readers present huge risks to even the best access systems. If...
US Surgeon General Unwittingly Showcases Sanctioned Dahua Temperature System on Jul 28, 2020
The US' top public health spokesperson, the Surgeon General, posted a photo...
Remote Network Access for Video Surveillance Guide on Jul 27, 2020
Remotely accessing surveillance systems is key in 2020, with more and more...