Lawmakers say stolen police logins are exposing Flock surveillance cameras to hackers

Lawmakers Sen. Ron Wyden and Rep. Raja Krishnamoorthi have urged the Federal Trade Commission (FTC) to investigate Flock Safety, a company operating license plate scanning cameras, over cybersecurity concerns. They allege that Flock fails to mandate multi-factor authentication (MFA) for its law enforcement customers, leaving the company’s extensive camera network vulnerable to hackers and foreign spies. Despite offering MFA as an option, Flock confirmed to Congress that it does not require its use, which could allow unauthorized access to sensitive law enforcement areas and billions of license plate photos collected nationwide. Flock Safety operates one of the largest license plate reader networks in the U.S., serving over 5,000 police departments and private businesses. Evidence presented by cybersecurity firm Hudson Rock and independent researcher Benn Jordan suggests that some law enforcement login credentials have been stolen and sold on cybercrime forums, including Russian marketplaces. In response, Flock’s chief legal officer stated that MFA is now enabled by default for all