Nicole Eagan, the CEO of cybersecurity company Darktrace, told attendees at an event in London on Thursday how cybercriminals hacked an unnamed casino through its Internet-connected thermometer in an aquarium in the lobby of the casino.
According to what Eagan claimed, the hackers exploited a vulnerability in the thermostat to get a foothold in the network. Once there, they managed to access the high-roller database of gamblers and “then pulled it back across the network, out the thermostat, and up to the cloud.”
(Via Hacker News)
I didn’t get a chance to write about this when it came out, but it’s dissemination came at an opportune moment. About 1 hour earlier I was using the Target breach as an example of third-party risks.
This story made an excellent follow-up.