BlackVue dashcam privacy leaks disclosed


Community Feature - @ZephrFish

Curated Intelligence Staff member ZephrFish recently uncovered concerning private information leak in BlackVue vehicular dashcams. Customers of BlackVue dashcams appear to be unknowingly exposing their precise GPS locations of their vehicles. To make matters worse, this is the default 'always on' setting. Anyone with the app can find other vehicles publicly broadcasting their geolocation and anyone can monitor the footage captured by the dashcam. The BlackVue app also has no email verification and is free.

Other security researchers have reportedly informed BlackVue about the privacy leak in the past. BlackVue stated that it is a feature, not a bug and has no plans to make any changes. ZephrFish found that it was possible to monitor the feeds of emergency services vehicles, such as ambulances and police cars, as well as other normal road users. 

Some of the BlackVue dashcams also have audio enabled, meaning anyone could listen to the user's conversations while in their vehicles. Another point that someone raised is that this also affects EU customers under GDPR regulations. Inadvertently broadcasting the GPS location of even private cameras is a breach of GDPR.

Could be good for OSINT!

Curated Intel Community Features are sourced using our Member Content channel on Discord. If you have recently produced a noteworthy piece of writing, a project, a podcast, an infographic or other CTI content let us know!