The San Francisco Police Department leaked hours of drone surveillance footage after security flaws allowed public access to its Skydio platform [1].
The breach reveals the extent of aerial monitoring in the city and highlights a critical failure in the digital safeguards protecting sensitive law enforcement data.
According to reports, the live drone feeds were accessible to anyone with the correct web address for at least two days in June 2026 [2]. The lack of security guardrails meant that the streaming data was not password-protected or encrypted against unauthorized access [2].
This exposure provided a window into the SFPD's surveillance operations. The leaked material consists of hours of footage captured by the department's drone fleet [1]. While some reports focus on specific incidents captured in the video, the primary concern for privacy advocates is the systemic lack of oversight regarding who can view live police feeds.
The SFPD uses the Skydio platform to manage its drone operations across the U.S. city. The recent leak suggests that the technical infrastructure used to transmit this video to police monitors was not sufficiently isolated from the public internet [1], [2].
City officials have not yet detailed how the web address became public or if any specific individuals were targeted during the period of exposure. The incident has reignited debates in San Francisco regarding the use of "eyes in the sky," and the potential for misuse of surveillance technology [2].
“The live drone feeds were accessible to anyone with the correct web address.”
This incident underscores a growing tension between the adoption of advanced surveillance hardware and the implementation of basic cybersecurity. When law enforcement agencies deploy high-resolution aerial assets without robust access controls, they risk transforming a tool for public safety into a public broadcast of private citizens, potentially compromising both ongoing investigations and civil liberties.


