Flock's AI Camera Network Exposed: Over 60 Live Feeds Found Unsecured on the Web
A major security flaw has exposed live feeds from over 60 of Flock's AI-powered surveillance cameras on the open web, no password required. The discovery highlights the growing privacy risks of rapidly expanding AI surveillance networks used by law enforcement.
A significant security lapse has exposed the live feeds from stat(more than 60) of Flock's keyword(AI)-powered surveillance cameras, making them viewable on the open web without a username or password. The vulnerability was discovered by tech YouTuber Benn Jordan and first reported by 404 Media, raising serious questions about the security of a network used by thousands of law enforcement agencies across the United States.
No Password Required: The Scope of the Breach
According to the findings, the livestreams were accessible to anyone who had the direct web address, requiring no authentication to view real-time footage from each location. This wasn't a sophisticated hack, but rather a fundamental failure in securing the camera feeds. Flock, a technology company that provides keyword(AI)-driven vehicle recognition, has rapidly expanded its powerful surveillance network, creating a vast web of interconnected cameras.
The company's reach was recently extended through a partnership with Ring, Amazon's smart doorbell company. This collaboration gives Flock customers the ability to request footage from users of Ring's Neighbors app, effectively blending a private surveillance network with public law enforcement tools. This breach underscores the potential dangers as these powerful networks grow.
The High Stakes of AI-Powered Surveillance
Flock markets its technology as a tool to help law enforcement solve crimes more efficiently. However, privacy advocates have long warned about the risks of creating such a widespread, privately-operated surveillance infrastructure. An incident like this, where live feeds are left open for anyone to see, validates concerns that technical flaws can lead to direct and severe privacy violations for entire communities.
Authors
Related Articles
A critical vulnerability in Starlette—downloaded 325 million times per week—puts millions of AI agent servers at risk, exposing stored credentials for email, databases, and third-party services.
The FTC fined Cox Media and two ad firms $930,000 — not for actually eavesdropping on users, but for falsely claiming they could. The case raises uncomfortable questions about surveillance capitalism.
Viral videos show 2026 graduates jeering executives who praise AI at commencement ceremonies. It's not just rudeness — it's a signal about who pays for technological optimism.
GitHub confirmed hackers stole data from 3,800 internal repositories via a poisoned VS Code extension. Here's why developer tools are now the most dangerous attack surface in tech.
A critical vulnerability in Starlette—downloaded 325 million times per week—puts millions of AI agent servers at risk, exposing stored credentials for email, databases, and third-party services.
The FTC fined Cox Media and two ad firms $930,000 — not for actually eavesdropping on users, but for falsely claiming they could. The case raises uncomfortable questions about surveillance capitalism.
Viral videos show 2026 graduates jeering executives who praise AI at commencement ceremonies. It's not just rudeness — it's a signal about who pays for technological optimism.
GitHub confirmed hackers stole data from 3,800 internal repositories via a poisoned VS Code extension. Here's why developer tools are now the most dangerous attack surface in tech.
Thoughts
Share your thoughts on this article
Sign in to join the conversation