|Home>||Security||>IT Security||>Biometric security firm leaks fingerprints|
Biometric security firm leaks fingerprints
15 August 2019
SENSITIVE DATA, including more than a million fingerprints, has been exposed online by Biostar security software.
Cyber security firm VPNMentor managed to access data from Biostar 2, a web-based security platform that is used by thousands of companies including the Metropolitan Police.
Researchers have revealed that they managed to access facial recognition data, names, addresses and password. Suprema, the company providing this software, have said they are addressing the issue. In total, 23 gigabytes of data containing nearly 30 million records were found exposed online. According to VPNMentor, it discovered that the data was exposed on 5 August and the data was made private on 13 August, It has not been confirmed how long the data was left accessible.
In a blog posting on its website, VPNMentor said: "This is a huge leak that endangers both the businesses and organizations involved, as well as their employees. Our team was able to access over 1 million fingerprint records, as well as facial recognition information. Combined with the personal details, usernames, and passwords, the potential for criminal activity and fraud is massive.
"After we discovered the breach in BioStar 2’s database, we contacted the company alerting them of our findings. However, we found BioStar 2 generally very uncooperative throughout this process. Our team made numerous attempts to contact the company over email, to no avail. Eventually, we decided to reach out to BioStar 2’s offices by phone. Again, the company was largely unresponsive.
"Upon speaking to a member of their German team, we received a mumbled reply that “we don’t speak to vpnMentor”, before the phone was suddenly hung up. This suggests they were aware of us, and our attempts to resolve the issue. We also tried to contact BioStar 2’s GDPR compliance officer but received no reply."
- ASFP introduces new qualification requirements for members in 2021
- Fire Brigades Union issues response to Government’s cladding announcement
- Government funding for England’s Fire and Rescue Services “cut by £140 million since 2016” states FBU
- “Abusive behaviour towards firefighters must stop” urges LFB Deputy Commissioner
- Skills for Security launches new improved website and refreshed brand identity
- Lincolnshire unveils plans for blue lights hub
- BAFE welcomes latest Government announcement assisting fire safety work
- SIA commits to reducing costs
- University Security Teams: Delivering in the face of COVID-19
- Latest technology extinguishes silo fire
- From the editor
- Blog for FSM website
- Information Commissioner makes key appointments
- BSIA forges closer American links ahead of Brexit
- Fire and Security Association names new chair
- Government wants mergers regime update to protect national security
- Chain wrestling
- Intersec 2018 preview
- Leading brands supporting new Security Event at NEC
- Leading security companies support launch of new security event at the NEC