No Hack, Still Liable, Court Finds ADT

Author: IPVM Team, Published on Jun 20, 2017

Recently, ADT has been in the news for a $16 million settlement for a cyber security vulnerability class action suit.

One of the most important and interesting points behind this settlement is a court order that found ADT could be found liable even if no actual hacks were proven. Many could see this as counterintuitive since what 'damage' had occurred if there was no hack / incident?

In this note, we examine that court order, how the Court reached that conclusion and what impact it might have on manufacturers and providers generally.

********,*** *** **** ** *** **** *** * $** ******* settlement*** * ***** ******** ************* ***** ****** ****.

*** ** *** **** ********* *** *********** ****** ****** **** settlement ** * ***** ***** **** ***** *** ***** ** found ****** **** ** ** ****** ***** **** ******. **** could *** **** ** **************** ***** **** '******' *** ******** if ***** *** ** **** / ********?

** **** ****, ** ******* **** ***** *****, *** *** Court ******* **** ********** *** **** ****** ** ***** **** on ************* *** ********* *********.

[***************]

Executive *******

* ** ********** ******* *********** ** *** ********* *** *** ******* ********** *** ************* ******* ** ****** an ********** ** ** **:

*** ***** ********* **** ********* ************ ******* **** *** **** him * **** ** ******** ******* *** *** ********* ********* of ******** ***** ******* ** *********.

*** ********* / **** ***** ******, **** ******* ** ****** hack, ***** *** ***** ********* **** *** ******** (*** ****) should **** ********* *** ************* *** *** *** ************ ** so.

Industry *********

*** ********** ***** ********** ***** *** **** *** ******** **** about ***** *****:

*** ************ ***** ** ********* ** *** *** ******* **** the ******** ** ***** *** ******* **** ** *** ************* of ******** ******* **** ****** ********* ********** **** ***.

Consumers *** ******** ** ****

** *** **** ****, *** ********** ***** ***** **** ********* would *** ** ******** ** **** ** ***** *****:

**** ********* *** ************ ******* ******** ********* *** ****** **** "[w]hile *********** ********* ***** **** **** ****** *** ** *** possibility ** [* ******], **** ********* ***** *** **** ********* such * ******, *** ***** **** ** ******** **").

Rejects **** ** *******

*** ********* ** *********** ** ***** ** ****** ******** *** the ***** ******** ****, ******* **** * ******** ***** *** have ****** *** ******** ** **** ****:

* ****** **** *** ** ********* ** ** ********. ** is ********* ********* **** * ********** ******** ***** ****** ********** to *** **** **** ***** **** ******** ****** ***** ** easily ** ****** *** ********, **** ****** ****** ********* ** such *******.

General ********** ******** ************

*** ***** ******** *** ******** ***** ******* ********* ********, **** is:

"*** *** *** ******* ***** ******* ** ************** ** ***** is *********** *** *** ******" *** "** ***** ****** *** provide ******** ********** ** ********* ********** ** **** ** ******."

******* ** *********, *** ***** ***** ** *** *** ***** the ******** ****:

**** ******** ** *** * ********** ** *** ********* ******* fact, ****** **** ***'* ******** ******* *** ********** ** *******, jamming, *** ***** **********.

Misleading *********** / ********* ********* **** *******

*** ***** ************ ***** **** ***** ** ******** ************* ****** *********** *** (***)*** ************* ********* ***** ******** *** (****), **** ******** ** ******* ********* ******* ********** *********** *** deceptive **** ** *********.

Industry ******?

**********: **** **** *** ***** ***** ****** *** ********** ********** one's *********.

**** * ******** ***********, ** **** ***** ********. **** ***** suppose ***** ******** ***** *** **** ** ***** ** ** actual ******* / **** / ****** ******. **** ***** ****, as **** ** *** *****'* ******* ******* *-****'* ** *******, *** ******** ** ************* ** ********* ****** ***** ***** and ********* ********* *** *********** ********** ****** ***** *** ******** risks *** ******** ***.

*** ************ *********** ********** ****** ** ***'* ***** **** ($* - $* ******* ****** *******) ******** **** ********. **** ********* that *** ******* *** *** ******* ********** ***** / ******** efforts ** ****** **********. ********, ** ** ******** **** ***'* monthly ******* ******* ***** ******** **** *** ** ********* ****** vs ******** ************* **** **** ******** *** * ***-**** ******.

**** ***********, **** **** *********** **** * ******** ****** (*.*., security ********) *** ***** (*.*., ***** ******** *****) ***** ** used ** ****** ** *** * ******** **** ** *** buyer *** *** ******** **** ******, *** ****** ****** **** they ***** *** **** ****** * ******* ******** ** *** supplier *** ******** ********* / ****** ******** ***** ********. **** is *** **** ** **** **** ********* ****** ********* ********.

Comments (19)

Undisclosed Distributor #1

06/20/17 03:29pm

**'* * **** *********** ****, *** ** ************** ** **** any ****** **** *** ****, ***** *** *************, ** ********* to *** ******** **** **** * ********** **** ** *** be ******. **** ******** ***** ** **** *****, *******/********, *** "smart" ******* ** *** ******, ***. **** ** *** ******** they *** * ******** ****** *** ******* **** * ******* providing ********* *** ***** ** *****, *** **** **** ***** that **** ******** ****** *** *********** ******* ** *** ******** was ******* **** * *******.

John Honovich

IPVM | In reply to Undisclosed Distributor #1 | 06/20/17 03:47pm

** ************** ** **** *** ****** **** *** ****, ***** any *************, ** ********* ** *** ******** **** **** * disclosure **** ** *** ** ******

** ************** (***** ** "*** ***** ******** *** ******** ***** ******* ********* ********")*** **** ** ********* ******** ** ***** (*.*., *********** ********), it ***** ** ** ************ *********, *** ****** * ******* 'anything *** ** ******' *********.

Edgar Mora

06/20/17 04:04pm

* *** **** ** ** ************* ******* ** *** ***** strategy. **** * **** ** **** ********** ******** ** ** country (***** ****) ** ****** ******* ** ******** - **** had ** ** ****** ** *******- **** *** ******* ***** system *** ********** ******* *** *** ** ********* ******. ** offered ******* ** * *** ** ***** *********** ** ** intrusion *** **** ***** *********** ** **** *********** ***** *** never ****.

John Honovich

IPVM | In reply to Edgar Mora | 06/20/17 04:07pm

**** *** ** ** ****** ** *******- **** *** ******* alarm ****** *** ********** ******* *** *** ** ********* ******.

*****, ** **** ****, ** ************* ** **** **** * disclosure / ********* ***** *** **** **** * **********, ***** neither *** *** *** ******** ****** **** *** ****** *** an ********* ******.

* ** *** **** **** *** ******** ********* *********** **** are ** ***** ****, *** ** *** ***, ***** *** a **** ****** ** **** **** *** ***** *** *** laws **** *** ******* / ******* **** *****.

Jeremy Ellis

06/20/17 04:22pm

**** ** ****. *** ******** *** ****** ** **** ******** language ** ** ******** *** *** ** **** **** **** for *****.

Undisclosed Manufacturer #2

06/21/17 02:18pm

** **** ** *********** ** **** *** ******* **** **** be ** * ****** ** **** ******.

**** *** ******** * ***** ** *** ****** *****, *** increase ** ********* *** ************ *** *********** **** **** ********. There *** ****** **** ******* ** *** ****** ******, **** considerations *** *** ********** ** *** ****, *******, **** ***** set * ********* **** **** ****** **** ***** ******* ********** to *** ******** ** ********* ***** ********.

*** ** *** *** ********* * **** **, "*** ** really ***********?"

- *** *********** (*** ***** **** ** **** ****)

- *** **********

- ** ***********

- ***-****... ***.

** ** ****** ** ************ ********* *******, *** ********* *** challenges ** ***** ** ** ********.

* ** *** **** ** **-**** *** ****** ****** ** manufactures ***************, ******* * ***** ***** **** *** ************ *** integrators **** ** *** * ***** ****** ** *** ** respond ** ***** ******, *** **** **** * ********* ***********, but **** **** * ********* **********.

Nick Giannakis

06/21/17 03:02pm

* ***** **** ***** ******** ** * ********** ***** ** SSN's **************** ********** ******* **** ****. *** ***** *** ** impressive ********** ** ******** ******** *** ***** ******** *** * consensus **** *** ************** ** ******.

Undisclosed Distributor #1

In reply to Nick Giannakis | 06/21/17 03:59pm

"******" ******** **** **** ** **** *** ***** *** ****** when ** **** *** *** *** ** *** ***** **************. Almost ** **** ** ****** **** ********** ***.

Luis Carmona

IPVMU Certified | 06/24/17 02:39pm

*** ********* ** *********** ** ***** ** ****** ******** *** the ***** ******** ****, ******* **** * ******** ***** *** have ****** *** ******** ** **** ****:

****'* ***** ** **** ** *********** ****** ** *** **** counters *** ******* **** ** ********* ****** **** ** *********** the *******. *** ****** ***** ***** "** ** **** ****** $1M ** ********, *** ****** *** ******* ***** $*.**, **** to **** ***** *** ******* *****". * ***** **** ** a ***** **** ** *** *** ****** ******** ** ** this ****, *** **** *** ******* ****** *** ** ****** to ***** **** **** ** ********.

Mick Brown

06/29/17 11:03am

*** ***** **** *** ******** ***** ***** ******* *********

******* ****** **** * ***** ****** **** ******* ********* *** dahua

***** ******** *** *** ****** ********

Mick Brown

06/29/17 12:03pm

******* *** ** ** *** **** ******* ****** ********** ***** attack ** **, ******* ********* *****

Mick Brown

06/29/17 01:29pm

***** ******** *** * **** ** **** *** ******** ******** has **** ******* ***** *****

*** *** ***** *** ** ***** **** ***

**** **** ***** ******** *** *******

Robert Baxter

06/29/17 05:24pm

* ****** ** * **** ** *** *********** ********, ***** the ******** ******* ** ********** *****:

WIRELESS *** ******** ****** ************: Subscriber is responsible for supplying high speed Internet access and or wireless services at Subscriber's premises. RADIUS does not provide Internet service, maintain Internet connection, wireless access or communication pathways, computer, smart phone, electric current connection or supply, or in all cases the remote video server. In consideration of Subscriber making its monthly payments for remote access to the system RADIUS will authorize Subscriber access. RADIUS is not responsible for Subscriber's access to the Internet or any interruption of service or down time of remote access caused by loss of Internet service, radio or cellular or any other mode of communication used by Subscriber to access the system. Subscriber acknowledges that Subscriber's security system can be compromised if the codes or devices used for access are lost or accessed by others and RADIUS shall have no liability for such third party unauthorized access. RADIUS is not responsible for the security or privacy of any wireless network system or router. Wireless systems can be accessed by others, and it is the Subscriber's responsibility to secure access to the system with pass codes and lock out codes. RADIUS is not responsible for access to wireless networks or devices that may not be supported by communication carriers and upgrades to subscriber system will be at subscriber's expense.

** **** ***** ********* ******* ***** ******** ** *** ********* the ******** *******, ** *** ******** ******* ** ********** ** the ******** **** *** ********* *********. * ***** ***** ********* need ** ******* *** ********* **********.

John Honovich

IPVM | In reply to Robert Baxter | 06/29/17 03:17pm

******,

****** *** *******. * ** *** **** **** *** ******* you ****** ** ******* ** **** *****, *.*.:

********** ** *********** *** ********* **** ***** ******** ****** *** or ******** ******** ** **********'* ********....
****** ** *** *********** *** *** ******** ** ******* ** anywireless ******* ****** ** ******. Wireless systems can be accessed by others, and it is the Subscriber's responsibility to secure access to the system with pass codes and lock out codes. [IPVM highlighted]

*** *** * **** **** ** **** ** ** * disclaimer ***** *** ****'* *** ******** *******, *** *** ******** communications ******** / **** ** *** ***** ******. ** *** ADT ****, **** *** ****** **** *** *** ******'* *** wireless *** ********, *** *** *********'* ******** *******.

*****/********? ** * ******* *********?

*******, * ***** ************ ***** **** *** ** **** ** was ******** * ********** ***** **** *****.

Robert Baxter

In reply to John Honovich | 06/29/17 03:58pm

* *** ******* * ******* *****. **** * *** ****** to *** ** ** **** *** ******** ********** **** ** ADT *** *********** ********* *** ****** *********** ***** *** ******** or **** ** ******** ** ********* ** *** ***** ****** 9. ** **** ***** *** *** ***** **** ******** ************ than *** ***** ********, ****** *** ** ***** ******* ****** contracts. * *** **** ******* ***** ******* ********* (**** **** users) *** **** **** ******* ** ******* **** *** ***** industry *** ******** ***'* **** ********* ** ***** *** ***** of ********* ******** **** ****:

*. * ******** **** ** ****** *** *** ****** ******** is ****** *** *** ******, **** ****** ** ** ****** by *** ********* *** *********, *********, *********,...

*. **** ** * ***** **************, ** ********** ******* ** a ******** **** ***** ******.

*. ********* ****** ** ****** ********* ** *** *******.

*** *** ******** *** ** *** ****.

********* *** *** ******** **** ** ******* ******* **** *** big **** (******, *****, *********) *** *****.

John Honovich

IPVM | In reply to Robert Baxter | 06/29/17 08:11pm

* ******** **** ** ****** *** *** ****** ******** ** blamed *** *** ******, **** ****** ** ** ****** ** the ********* *** *********, *********, *********,...

**, *** ** ** *****, *** *** / *********** **** is *** ***** * **** ********* ** ***, **** *** title ** **** **** - '** ****, ***** ******'.

* ** *** ********** *** ******* *** *********. * ** emphasizing **** ***** ******* *** *** ****** ** ****** *** case ** **** ****, ******* **** ** ***** ***** / misleading ***********, *** ****** **** * ****.

David Fogle

In reply to John Honovich | 07/05/17 02:34pm

*** ***** ** **** ** *** ******* ** ******** ***** systems *** *** ********* **** ******* ***** **** **** *** ADT ******* ***** *** ******** ************ *** ** ******* *** manipulate *** ****** ** *** ***** ****** ** ****** ***** an ***** ** ****** * ******** ** ******* *** ****** by **** **** ** *******.

***** ** *** ******* ** *** **** ***** ** *** been **** ************ ****** ** * ********** *****, *** *** some ****** ** ********** ** *** ***.

*******: * **** *** * ***** **** *** **** * significant ****** ** **** ********* ******** ** ******* ******* **** does *** **** **** ***** **** *** **** ****.

* ***** ***** *** ***** *** ** *** ******** *** that ***** **** *** **** ********** ** *** ***** **** not **** *** ***** ****** ** * ****.

******** ** * **** ***** ******** ** ******* *******.

Ari Erenthal

In reply to David Fogle | 07/05/17 03:19pm

*******: * **** *** * ***** **** *** **** * significant ****** ** **** ********* ******** ** ******* ******* **** does *** **** **** ***** **** *** **** ****.

** *** **** **** ********* ******** **** *** ************ ****** you * ****** ***** **** *** ****** ** **** ***, the ******** ***** ** **** ** *** *** **** ** their ***** ****'* **** ****. *** **** ******** ***** ****** you ** ******, ***. ****'* **** ********* ** **** ******** here.

Mick Brown

07/05/17 03:36pm

* **** **** *** *** *** ***** *** **** **** it

****** *** ******** ******** *** ** *** *****

Login to read this IPVM report.

Why do I need to log in?

IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Avigilon CEO is taking aim at their Asian competitors. And he is going directly after these company's cyber security issues. In this note, we...

IP Networking Course September 2017 on Aug 17, 2017

This is the only networking course designed specifically for video surveillance professionals plus it includes live training, personal help and...

Axis and Arecont Legal Conflict Over Multi-Imager Cameras on Aug 17, 2017

Arecont threatened Axis. Axis has responded by moving to invalidate an Arecont patent. It is an important contest. Multi-imagers are Arecont's...

Directory Of Consumer Security Cameras on Aug 16, 2017

The consumer camera segment continues to grow, with new startups and models from existing players released seemingly every month. In this report we...

Hikvision Responds To Cracked Security Codes on Aug 15, 2017

Hikvision has responded to IPVM's report on Hikvision's security code being cracked, both with a 2 page update to dealers and communication...

Vulnerability Directory For Access Control Cards on Aug 14, 2017

Knowing which access credentials are insecure can be unclear, especially because most look and feel the same. Even the most insecure 125 kHz types...

IP Camera Specification / RFP Guide 2017 on Aug 14, 2017

RFPs are hard. Do them 'right' and it takes a lot of knowledge and time. Do them 'wrong' and you can be (a) unwittingly locked into a specific...

Hikvision Security Code Cracked on Aug 08, 2017

Hikvision's 'security code' feature has been cracked and a program generating security codes is being distributed online. IPVM has obtained and...

US Army Bans Chinese DJI Drones on Aug 08, 2017

The US Army has issued a ban on Chinese-made DJI drones. A US Army memo obtained by sUAS News references a classified document from the Army...

Canon Sues Avigilon on Jul 27, 2017

Canon, owner of Axis and Milestone, has sued Avigilon for patent infringement in US court. This is a highly atypical move for Canon, pitting 3 of...

Most Recent Industry Reports

Avigilon CEO Attacks Asian Companies Cyber Insecurity on Aug 18, 2017

Avigilon CEO is taking aim at their Asian competitors. And he is going directly after these company's cyber security issues. In this note, we...

Sony Next Gen HD Dome Camera Tested (SNC-EM642R) on Aug 18, 2017

Sony has released their latest generation, claiming improved WDR and low light, increased IR range, and more. We tested the SNC-EM642R outdoor IR...

IP Networking Course September 2017 on Aug 17, 2017

This is the only networking course designed specifically for video surveillance professionals plus it includes live training, personal help and...

Knightscope Raises $10 Million With $3,320 Average Per Investor on Aug 17, 2017

Congrats to Knightscope. And condolences to their legion of little investors. Knightscope has disclosed they have raised $10+ million from their...

Axis and Arecont Legal Conflict Over Multi-Imager Cameras on Aug 17, 2017

Arecont threatened Axis. Axis has responded by moving to invalidate an Arecont patent. It is an important contest. Multi-imagers are Arecont's...

Directory Of Consumer Security Cameras on Aug 16, 2017

The consumer camera segment continues to grow, with new startups and models from existing players released seemingly every month. In this report we...

Cat 5e vs Cat 6 vs Cat 6a Network Cable Usage Statistics on Aug 16, 2017

Cat 5e? Cat 6? Cat 6a? What do integrators use in practice, today? 140+ integrators told IPVM. Here are the results: For those who want to...

Hikvision Responds To Cracked Security Codes on Aug 15, 2017

Hikvision has responded to IPVM's report on Hikvision's security code being cracked, both with a 2 page update to dealers and communication...

Stolen Video NVR / DVR Statistics on Aug 15, 2017

"But what happens if someone steals my recorder?" Anyone who has done more than a handful of jobs has probably heard this question several times....

Hikvision Europe Cutting Out Unauthorized End User Sales on Aug 15, 2017

The days of anyone buying Hikvision from anywhere off the Internet are numbered, at least in Europe, if Hikvision's plan comes to fruition. In...

No Hack, Still Liable, Court Finds ADT

Comments (19)

Undisclosed Distributor #1

John Honovich

Edgar Mora

John Honovich

Jeremy Ellis

Undisclosed Manufacturer #2

Nick Giannakis

Undisclosed Distributor #1

Luis Carmona

Mick Brown

Mick Brown

Mick Brown

Robert Baxter

John Honovich

Robert Baxter

John Honovich

David Fogle

Ari Erenthal

Mick Brown

Login to read this IPVM report.

Related Reports

Most Recent Industry Reports

Member Login