South Korea finds itself at the heart of a major scandal involving hacked surveillance cameras. An investigation has dismantled a vast network of digital voyeurism, highlighting the dangers associated with the massive use of IP cameras in private and public spaces. Discover how this network was dismantled and what measures are being considered to prevent such incidents in the future.
The 3 key facts not to miss
- Arrest of four individuals in South Korea, suspected of stealing images captured by more than 120,000 IP cameras.
- Sale of sexual videos for approximately 20,000 euros to a specialized foreign site.
- Focus on European legislation with the Cyber Resilience Act to strengthen the security of connected objects.
A hacking network in South Korea
On December 1, 2025, the South Korean National Police announced the arrest of four people suspected of hacking more than 120,000 IP cameras across the country. According to authorities, two of the suspects stored the stolen videos, while the other two were responsible for compiling and selling sexual clips.
These videos were sold for about 35 million won (nearly 20,000 euros) to a foreign site specializing in the distribution of stolen images. This case highlights the risks posed by the hacking of IP cameras, which are particularly vulnerable due to the simplicity of some passwords used.
IP cameras: practical but vulnerable
IP cameras, often less expensive alternatives to traditional surveillance systems, are widely deployed in private and public spaces. These connected devices allow remote viewing of captured images, but their massive deployment has often been done without adequate security measures.
The suspects allegedly exploited security flaws in these cameras, taking advantage of weak passwords. South Korean authorities responded by advising victims on securing their devices, emphasizing the importance of regularly changing passwords.
Legislative response in Europe
In Europe, the response to scandals related to connected objects involves legislative solutions. The Cyber Resilience Act, adopted in 2024, imposes security standards for connected devices placed on the market. This text aims to ensure secure default configuration, rigorous management of updates, and effective handling of vulnerabilities.
The obligations to report security flaws will come into effect in 2026, while security requirements for products will become mandatory by the end of 2027. This legislation represents an important step towards protecting users against risks related to connected objects.
Context on IP cameras
IP cameras, also known as Internet Protocol cameras, are surveillance devices that connect to a network to transmit real-time video data. Used both in homes and businesses, they offer great flexibility and accessibility to users. However, their growing popularity often makes them targets for cybercriminals seeking to exploit their security weaknesses.
The development of IP camera technology is part of the broader trend of the Internet of Things (IoT), where a multitude of everyday objects are connected to the Internet, offering new functionalities but also posing security challenges. Over the years, manufacturers and regulators have become aware of these issues, leading to the adoption of stricter security standards to protect consumers and their personal data.