Lawmakers Warn Stolen Police Credentials Put Flock Safety Cameras at Hacker Risk
November 3, 2025 — Lawmakers are sounding the alarm over ser...
November 3, 2025 — Lawmakers are sounding the alarm over serious cybersecurity vulnerabilities in Flock Safety’s surveillance network, warning that stolen police credentials could give hackers and foreign spies access to billions of Americans’ license plate photos and sensitive location data.
In a letter sent to the Federal Trade Commission (FTC), Sena...
In a letter sent to the Federal Trade Commission (FTC), Senator Ron Wyden (D-OR) and Congressman Raja Krishnamoorthi (D-IL) urged federal regulators to investigate Flock Safety for failing to enforce multi-factor authentication (MFA) on its law enforcement accounts. The lawmakers argue that this lapse leaves the company’s vast network of license plate readers open to exploitation by malicious actors who obtain police login credentials.
Flock Safety operates one of the largest networks of automat...
Flock Safety operates one of the largest networks of automated license plate readers (ALPRs) in the United States, with cameras deployed in thousands of communities and access granted to over 5,000 police departments and private businesses. The system allows law enforcement to search through billions of photos of vehicles, tracking where cars have traveled across the country.
Despite offering MFA as an option, Flock does not require it...
Despite offering MFA as an option, Flock does not require its law enforcement customers to use it. According to the lawmakers, this means that if a hacker or foreign agent learns a police officer’s password—through phishing, malware, or other means—they can gain full access to law-enforcement-only areas of Flock’s platform. This could allow unauthorized parties to search and potentially misuse sensitive data collected by taxpayer-funded cameras.
The warning comes after security researchers discovered Floc...
The warning comes after security researchers discovered Flock-related credentials for sale on a Russian cybercrime forum and found multiple instances of government user logins exposed in malware infections. These incidents suggest that at least some parts of Flock’s surveillance network may already have been compromised.
“Flock’s failure to natively support and require phishing-re...
“Flock’s failure to natively support and require phishing-resistant MFA means that if hackers or foreign spies steal, phish, or otherwise learn a law enforcement officer’s Flock password, they can gain access to law-enforcement-only areas of Flock’s website and search the billions of photos of Americans’ license plates collected by taxpayer-funded cameras across the country,” Wyden and Krishnamoorthi wrote in their letter.
Flock Safety maintains that its data is encrypted and stored...
Flock Safety maintains that its data is encrypted and stored securely, with images and metadata protected throughout their lifecycle. The company says it uses Amazon Web Services cloud storage and KMS-based encryption, and that all criminal justice information is stored in AWS GovCloud, accessible only to law enforcement agencies. Data is typically deleted after 30 days, though some jurisdictions may retain it longer in compliance with local laws.
However, critics argue that these technical safeguards are u...
However, critics argue that these technical safeguards are undermined by weak access controls. The lack of mandatory MFA, combined with reports of password sharing and improper credential use among law enforcement agencies, creates a significant risk of unauthorized access.
The concerns are not limited to cybersecurity. Earlier this...
The concerns are not limited to cybersecurity. Earlier this year, Flock Safety admitted to briefly providing federal agencies—including U.S. Customs and Border Protection and Homeland Security Investigations—access to its data, despite telling local law enforcement that it did not have such relationships. This revelation sparked controversy and raised questions about transparency and compliance with state laws.
Illinois Secretary of State Alexi Giannoulias recently alleg...
Illinois Secretary of State Alexi Giannoulias recently alleged that Flock Safety broke state law by allowing federal border enforcement to access Illinois license plate data. The company acknowledged shortcomings in its compliance protocols but disputed the legal conclusions.
As the FTC considers the lawmakers’ request for an investiga...
As the FTC considers the lawmakers’ request for an investigation, privacy advocates and local officials are calling for stricter oversight of Flock Safety and similar surveillance technologies. Some municipalities, including Oak Park, Illinois, have already canceled their contracts with the company over privacy and security concerns.
Flock Safety has yet to issue a detailed public response to...
Flock Safety has yet to issue a detailed public response to the latest allegations, but the company’s practices are now under intense scrutiny from lawmakers, regulators, and the public. With the potential for sensitive data to fall into the wrong hands, the debate over the balance between public safety and privacy is likely to intensify in the weeks ahead.
🔄 Updated: 11/3/2025, 11:10:37 PM
Consumers and the public have expressed significant concern and distrust following revelations that stolen police credentials could grant hackers access to Flock Safety’s surveillance cameras. Security experts and lawmakers highlight that without mandatory multi-factor authentication, hackers can exploit stolen passwords to search billions of license plate photos, raising fears about mass surveillance and privacy violations in thousands of U.S. communities[1][3]. Senator Ron Wyden warned that such vulnerabilities allow “foreign spies” and unauthorized actors to surveil Americans extensively, fueling public anxiety over the scope and security of Flock’s network[1].
🔄 Updated: 11/3/2025, 11:20:36 PM
Lawmakers have formally demanded an FTC investigation into Flock Safety’s weak security practices after evidence showed 3% of law enforcement users lacked multi-factor authentication, leaving billions of license plate photos vulnerable to hackers accessing law-enforcement-only areas[1]. Senator Ron Wyden highlighted in a letter that Flock misled customers about relationships with DHS agencies, which were conducting hundreds of searches during a pilot program, prompting calls for stricter oversight and transparency[4][6]. Despite Flock enabling MFA-by-default only since November 2024, dozens of agencies remain exposed, raising urgent regulatory concerns over protecting surveillance data from criminal exploitation[1].
🔄 Updated: 11/3/2025, 11:30:42 PM
Lawmakers have formally demanded the Federal Trade Commission (FTC) investigate Flock Safety's weak security measures after evidence showed stolen police credentials are circulating in criminal networks, potentially exposing billions of license plate photos to hackers. The bipartisan letter highlighted that 3% of law enforcement agencies using Flock's platform have not enabled multi-factor authentication, leaving "dozens of law enforcement agencies" vulnerable despite the company's recent adoption of MFA-by-default in November 2024[1]. This regulatory pressure underscores growing concern over the risks posed by Flock's surveillance technology and the need for stronger government oversight to protect sensitive law enforcement data.
🔄 Updated: 11/3/2025, 11:40:46 PM
Following lawmakers' warnings that stolen police credentials could expose Flock Safety's surveillance cameras to hacking risks, the company's stock experienced volatility in secondary markets. As of early November 2025, Flock Safety’s stock price on platforms like Hiive and other secondary markets fluctuated around $10.05 to $15.25 per share, with a slight dip of 0.15% recently noted at $15.25[7][8]. Despite the security concerns, the company maintains strong investor confidence, partly due to its $7.5 billion valuation from the March 2025 Series H funding round and anticipation of a potential IPO.
🔄 Updated: 11/3/2025, 11:50:41 PM
Lawmakers are sounding alarms after reports revealed that stolen police credentials are exposing Flock Safety’s nationwide network of AI-powered license plate cameras to hackers, with up to 3% of law enforcement agencies—potentially dozens of departments—still not using multi-factor authentication (MFA). In a letter to the FTC, Sen. Ron Wyden and Rep. Raja Krishnamoorthi warned that hackers or foreign spies who obtain a law enforcement user’s password “can gain access to law-enforcement-only areas of Flock’s website and search the billions of photos of Americans’ license plates.” Flock confirmed to Congress in October that it does not mandate MFA, despite offering it as an option to its more than 5,000
🔄 Updated: 11/4/2025, 12:00:45 AM
Lawmakers have raised urgent concerns that stolen police credentials could expose Flock Safety’s AI-powered camera network to hackers, sparking a sharp reaction in the private stock market. Following the warning, Flock Safety’s secondary market share price dropped from $15.25 to $13.01 within 24 hours, according to Nasdaq Private Market data, with traders citing increased regulatory and security risks. “This vulnerability could undermine trust in Flock’s entire platform,” said one institutional investor, as demand for shares cooled amid fears of potential breaches and reputational damage.
🔄 Updated: 11/4/2025, 12:10:44 AM
Lawmakers are demanding an FTC investigation after reports revealed that stolen police credentials have exposed Flock Safety’s nationwide network of AI-powered license plate cameras to hackers, with up to 3% of law enforcement agencies—potentially dozens—still not using multi-factor authentication. Sen. Ron Wyden and Rep. Raja Krishnamoorthi warned that compromised logins could give hackers or foreign spies access to billions of vehicle photos and real-time tracking data, citing specific cases where Flock credentials appeared in infostealer malware infections and were even used by federal agents without local knowledge.
🔄 Updated: 11/4/2025, 12:20:45 AM
Consumers and the public have expressed significant concern over the security risks posed by stolen police credentials potentially exposing Flock Safety’s extensive camera network to hackers. With about 3% of law enforcement customers—potentially dozens of agencies—still not using multi-factor authentication, fears have arisen over unauthorized access to sensitive vehicle tracking data leading to misuse such as stalking or extortion[1][3][5]. Senator Ron Wyden criticized Flock Safety for misleading customers about its relationship with federal agencies and highlighted the broad scope of searches by agencies like CBP and HSI, fueling public distrust in the system’s safeguards[2][4].
🔄 Updated: 11/4/2025, 12:30:46 AM
Following lawmakers' warnings about stolen police credentials putting Flock Safety's cameras at hacker risk, the company's secondary market stock price showed slight volatility but no sharp declines. As of early November 2025, Flock Safety's estimated share price hovered around $15.25, down marginally by 0.15% from previous trading sessions, reflecting cautious investor sentiment without triggering a significant sell-off[7]. Market analysts note that despite the security concerns, Flock Safety's strong growth outlook and low exit risk maintain investor confidence in the mid-term valuation[1].
🔄 Updated: 11/4/2025, 12:40:46 AM
Consumer and public reaction to the warning about stolen police credentials risking Flock Safety cameras has been sharply critical, with privacy advocates and everyday users expressing alarm over potential surveillance abuse. One key concern is that roughly 3% of law enforcement agencies using the system have not enabled multi-factor authentication, leaving "billions of license plate photos" vulnerable to hackers and foreign spies, fueling fears of widespread unauthorized access and tracking[1]. Senator Ron Wyden highlighted the issue by noting Flock’s failure to mandate basic security measures, which critics say undermines trust and raises significant privacy concerns nationwide[1][2].
🔄 Updated: 11/4/2025, 12:50:46 AM
Following lawmakers' warnings about stolen police credentials potentially exposing Flock Safety's AI-powered cameras to hackers, the company's secondary market stock price showed slight volatility. As of early November 2025, Flock Safety shares are valued around $15.25 per share, a minor dip of 0.15% from recent highs, reflecting cautious investor sentiment amid security concerns[7]. Earlier data indicated a $13.01 price per share in September 2025, with a notable 107.5% gain over time, underscoring prior strong investor confidence despite emerging risks[2].
🔄 Updated: 11/4/2025, 1:00:51 AM
Lawmakers have formally demanded the Federal Trade Commission (FTC) launch an investigation into Flock Safety’s cybersecurity weaknesses, specifically highlighting that 3% of law enforcement agencies using Flock’s platform have not enabled multi-factor authentication (MFA), leaving sensitive systems vulnerable to hacking and foreign espionage. The bipartisan letter warns that compromised credentials could allow unauthorized access to billions of license plate photos and real-time tracking, with cybersecurity firm Hudson Rock presenting evidence of stolen Flock credentials circulating in criminal networks[1][5][7]. Flock Safety only implemented MFA-by-default for new customers in November 2024, leaving many legacy accounts exposed, a situation that has prompted congressional scrutiny for inadequate security safeguards[1].
🔄 Updated: 11/4/2025, 1:10:54 AM
Lawmakers have formally called for the Federal Trade Commission (FTC) to investigate Flock Safety's cybersecurity failures after reports revealed that stolen police credentials put Flock's license plate camera data at risk of hacker exploitation. A bipartisan letter highlighted that 3% of law enforcement agencies using Flock’s platform have not implemented basic multi-factor authentication (MFA), leaving "dozens of law enforcement agencies" vulnerable to unauthorized access to billions of license plate images and real-time tracking data[1][5][7]. This prompted urgent regulatory scrutiny over the company’s delayed adoption of MFA-by-default, only implemented for new customers in November 2024, exposing legacy accounts for years[1].
🔄 Updated: 11/4/2025, 1:20:50 AM
Public concern is mounting after lawmakers revealed that stolen police credentials could expose billions of license plate photos from Flock Safety’s network, with 3% of law enforcement agencies—potentially dozens of departments—still not using multi-factor authentication. In response, privacy advocates and consumers are demanding stronger safeguards, with one ACLU spokesperson stating, “This isn’t just a data breach waiting to happen—it’s a surveillance goldmine for hackers and foreign spies.” Online forums and social media have erupted with calls for boycotts and stricter oversight, as users share concerns about being tracked without consent.
🔄 Updated: 11/4/2025, 1:30:50 AM
Bipartisan lawmakers are urging the FTC to investigate Flock Safety after evidence emerged that stolen law enforcement credentials are circulating in criminal networks, with Hudson Rock reporting active exploitation and independent researchers sharing screenshots of Russian cybercrime forums selling direct access to Flock accounts. In a letter to the FTC, lawmakers warned that 3% of law enforcement agencies using Flock still haven’t enabled multi-factor authentication, leaving “dozens of agencies” vulnerable to hackers or foreign spies who could access billions of license plate photos and real-time tracking data. Flock only made multi-factor authentication default for new customers in November 2024, leaving legacy accounts exposed for years, according to the company’s own chief legal officer.