A security researcher uncovered a critical vulnerability in Hikvision's global cloud servers. This vulnerability allowed an attacker to remotely take over the server and get access to sensitive customer data. This is newer and different than Hikvision's security issues in 2015 and before and has not been disclosed by Hikvision.
Iraklis Mathiopoulos [link no longer available], the researcher who uncovered this, reported the issue to Hikvision, and provided additional perspective to IPVM regarding this issue and Hikvision's handling of it.
Full details of the vulnerability, our analysis of Hikvision's server weakness, and what this means for the security of users with Hikvision cameras on their network is covered in this report.