You can always change your password. Your fingerprints and face are another story.
A major leak of data discovered this week in the UK includes fingerprints of over 1 million individuals, face recognition information, unencrypted names and passwords, and other personal info from Suprema, a security company used by UK police, banks, and military contractors, according to a report in the Guardian.
Leaks: Data leaks happen with shocking regularity. Especially as companies have moved to the cloud in recent years, various misconfigurations and mistakes have left mountains of private data publicly exposed on the internet for anyone to see.
Biometrics: This incident is different because, in addition to personal data and passwords, it includes biometrics like fingerprints and face recognition information.
Real Life. Real News. Real Voices
Help us tell more of the stories that matterBecome a founding member
The data leak strikes at the heart of one of the big fears and criticism about the increasing use of biometrics: You can change your username and password with a couple of clicks. Your face is forever. Or did the word surgery just cross your mind?
The source: Suprema runs Biostar 2 which is a biometrics lock system controlling access and surveillance of secured buildings. The leak was discovered by discovered by Israeli researchers Noam Rotem and Ran Locar and vpnMentor.
“After we discovered the breach in BioStar 2’s database, we contacted the company alerting them of our findings,” researchers wrote. “However, we found BioStar 2 generally very uncooperative throughout this process. Our team made numerous attempts to contact the company over email, to no avail. Eventually, we decided to reach out to BioStar 2’s offices by phone. Again, the company was largely unresponsive.”
The leak totaled 27.8 million records and 23 gigabytes of data. Approximately one week after discovery earlier this month, the leak was fixed.
Subscribe to the newsletter news
We hate SPAM and promise to keep your email address safe