Millions of fingerprints leaked in latest high-profile data breach

16th August 2019

A “huge data breach” in security platform BioStar 2 has been uncovered, revealing the personal information of millions

Researchers at vpnMentor, a blog covering web privacy, recently discovered the data breach, which compromised the private information of millions of people. 

Headed by “ethical hackers” Noam Rotem and Ran Locar, the team discovered that “huge parts of BioStar 2’s database are unprotected and mostly unencrypted.”

Over one million fingerprint records and facial recognition biometrics were among the leaked data. Perhaps even more worrying is that these records were tied to personal details, usernames and passwords. 

Suprema, the company responsible for the biometric data platform BioStar 2, is one of the world’s top 50 security manufacturers. 

vpnMentor was able to access almost 30 million records. These records included fingerprint data, unencrypted usernames and passwords, employee home addresses and personal emails, employee security access clearances, facial recognition information and even images of users.


The BioStar 2 platform is in use worldwide, with over 1.5 million installations. vpnMentor state that the total number of people affected by the breach could be in “the tens of millions.”

2 weeks until SolarWinds’ Annual IT Pro Day Awards
Trending
2 weeks until SolarWinds’ Annual IT Pro Day Awards

The leak raises numerous concerns for the potential of fraud and identity theft, through phishing and direct targeting. Employees could be the targets of blackmail and extortion based on their security clearances, with their personal information used as leverage. 

This is the latest in a string of high-profile data breaches. Just last month, American credit card provider Capital One fell victim to a breach. The hacker was able to access the social security numbers and personal information of 100 million Americans. 

Two days after discovering the BioStar 2 breach, the researchers who uncovered the hack decided to contact the company’s offices by phone but were largely unsuccessful. Some agents simply hung up on them.

In the blogpost, vpnMentor stated that, upon approaching Biostar 2 to make them aware of the breach, they found them “generally very uncooperative,” adding that their team made “numerous attempts to contact the company over email, to no avail.”

It was only 5 days later that the company responsible took action and closed the breach.

We think you'll like:

Luke Conrad

Technology & Marketing Enthusiast

Birmingham Unveils the UK’s Best Emerging HealthTech Advances

Kosta Mavroulakis • 03rd April 2025

The National HealthTech Series hosted its latest event in Birmingham this month, showcasing innovative startups driving advanced health technology, including AI-assisted diagnostics, wearable devices and revolutionary educational tools for healthcare professionals. Health stakeholders drawn from the NHS, universities, industry and front-line patient care met with new and emerging businesses to define the future trajectory of...

Why DEIB is Imperative to Tech’s Future

Hadas Almog from AppsFlyer • 17th March 2025

We’ve been seeing Diversity, Equity, Inclusion, and Belonging (DEIB) initiatives being cut time and time again throughout the tech industry. DEIB dedicated roles have been eliminated, employee resource groups have lost funding, and initiatives once considered crucial have been deprioritised in favour of “more immediate business needs.” The justification for these cuts is often the...

The need to eradicate platform dependence

Sue Azari • 10th March 2025

The advertising industry is undergoing a seismic shift. Connected TV (CTV), Retail Media Networks (RMNs), and omnichannel strategies are rapidly redefining how brands engage with consumers. As digital privacy regulations evolve and platform dynamics shift, advertisers must recognise a fundamental truth. You cannot build a sustainable business on borrowed ground. The recent uncertainty surrounding TikTok...

The need to clean data for effective insight

David Sheldrake • 05th March 2025

There is more data today than ever before. In fact, the total amount of data created, captured, copied, and consumed globally has now reached an incredible 149 zettabytes. The growth of the big mountain is not expected to slow down, either, with it expected to reach almost 400 zettabytes within the next three years. Whilst...

What can be done to democratize VDI?

Dennis Damen • 05th March 2025

Virtual Desktop Infrastructure (VDI) offers businesses enhanced security, scalability, and compliance, yet it remains a niche technology. One of the biggest barriers to widespread adoption is a severe talent gap. Many IT professionals lack hands-on VDI experience, as their careers begin with physical machines and increasingly shift toward cloud-based services. This shortage has created a...

Tech and Business Outlook: US Confident, European Sentiment Mixed

Viva Technology • 11th February 2025

The VivaTech Confidence Barometer, now in its second edition, reveals strong confidence among tech executives regarding the impact of emerging technologies on business competitiveness, particularly AI, which is expected to have the most significant impact in the near future. Surveying tech leaders from Europe and North America, 81% recognize their companies as competitive internationally, with...