
![]() |
Brian Sims
Editor |
Home> | Security | >IT Security | >Biometric security firm leaks fingerprints |
Biometric security firm leaks fingerprints
15 August 2019
SENSITIVE DATA, including more than a million fingerprints, has been exposed online by Biostar security software.
Cyber security firm VPNMentor managed to access data from Biostar 2, a web-based security platform that is used by thousands of companies including the Metropolitan Police.
Researchers have revealed that they managed to access facial recognition data, names, addresses and password. Suprema, the company providing this software, have said they are addressing the issue. In total, 23 gigabytes of data containing nearly 30 million records were found exposed online. According to VPNMentor, it discovered that the data was exposed on 5 August and the data was made private on 13 August, It has not been confirmed how long the data was left accessible.
In a blog posting on its website, VPNMentor said: "This is a huge leak that endangers both the businesses and organizations involved, as well as their employees. Our team was able to access over 1 million fingerprint records, as well as facial recognition information. Combined with the personal details, usernames, and passwords, the potential for criminal activity and fraud is massive.
"After we discovered the breach in BioStar 2’s database, we contacted the company alerting them of our findings. However, we found BioStar 2 generally very uncooperative throughout this process. Our team made numerous attempts to contact the company over email, to no avail. Eventually, we decided to reach out to BioStar 2’s offices by phone. Again, the company was largely unresponsive.
"Upon speaking to a member of their German team, we received a mumbled reply that “we don’t speak to vpnMentor”, before the phone was suddenly hung up. This suggests they were aware of us, and our attempts to resolve the issue. We also tried to contact BioStar 2’s GDPR compliance officer but received no reply."
- London Fire Brigade calls upon expert university scientist to help train firefighters
- Directors at greater risk of identity fraud
- ASFP responds to industry competency proposals contained in ‘Setting the Bar’ report
- Government consults on data protection fee exemptions
- ‘Coronavirus coughs’ at key workers to be charged as assault
- CEO sentenced for stealing from charity
- Unmissable event
- LHDC from Patol continues to offer fire protection for vital petroleum tanks
- Experts call for improved fire safety protocols at battery recycling centres
- BAFE warns of ISO 9001:2015 deadline
- From the editor
- Blog for FSM website
- Information Commissioner makes key appointments
- BSIA forges closer American links ahead of Brexit
- Fire and Security Association names new chair
- Government wants mergers regime update to protect national security
- Chain wrestling
- Intersec 2018 preview
- Leading brands supporting new Security Event at NEC
- Leading security companies support launch of new security event at the NEC