Brian Sims
Editor |
Home> | Security | >IT Security | >Biometric security firm leaks fingerprints |
Biometric security firm leaks fingerprints
15 August 2019
SENSITIVE DATA, including more than a million fingerprints, has been exposed online by Biostar security software.
Cyber security firm VPNMentor managed to access data from Biostar 2, a web-based security platform that is used by thousands of companies including the Metropolitan Police.
Researchers have revealed that they managed to access facial recognition data, names, addresses and password. Suprema, the company providing this software, have said they are addressing the issue. In total, 23 gigabytes of data containing nearly 30 million records were found exposed online. According to VPNMentor, it discovered that the data was exposed on 5 August and the data was made private on 13 August, It has not been confirmed how long the data was left accessible.
In a blog posting on its website, VPNMentor said: "This is a huge leak that endangers both the businesses and organizations involved, as well as their employees. Our team was able to access over 1 million fingerprint records, as well as facial recognition information. Combined with the personal details, usernames, and passwords, the potential for criminal activity and fraud is massive.
"After we discovered the breach in BioStar 2’s database, we contacted the company alerting them of our findings. However, we found BioStar 2 generally very uncooperative throughout this process. Our team made numerous attempts to contact the company over email, to no avail. Eventually, we decided to reach out to BioStar 2’s offices by phone. Again, the company was largely unresponsive.
"Upon speaking to a member of their German team, we received a mumbled reply that “we don’t speak to vpnMentor”, before the phone was suddenly hung up. This suggests they were aware of us, and our attempts to resolve the issue. We also tried to contact BioStar 2’s GDPR compliance officer but received no reply."
- FireCare secures £2.25 million investment injection from BOOST&Co
- Grenfell fraudster jailed
- Funding Terror at Car Boot Sales
- “Three-quarters of fire doors failed inspections in 2019” states FDIS
- RIBA introduces all-new Fire Safety Compliance Tracker
- Swift and sustained action needed
- Universities strengthen cyber security
- Cotton supports Grenfell 'stay put' policy
- Council repeats plea for post-Grenfell funding
- Research into major incident communication
- From the editor
- Blog for FSM website
- Information Commissioner makes key appointments
- BSIA forges closer American links ahead of Brexit
- Fire and Security Association names new chair
- Government wants mergers regime update to protect national security
- Chain wrestling
- Intersec 2018 preview
- Leading brands supporting new Security Event at NEC
- Leading security companies support launch of new security event at the NEC