Millions of fingerprints leaked in latest high-profile data breach

Data, Cyber Security, Millions of fingerprints leaked in latest high-profile data breach

A “huge data breach” in security platform BioStar 2 has been uncovered, revealing the personal information of millions

Researchers at vpnMentor, a blog covering web privacy, recently discovered the data breach, which compromised the private information of millions of people. 

Headed by “ethical hackers” Noam Rotem and Ran Locar, the team discovered that “huge parts of BioStar 2’s database are unprotected and mostly unencrypted.”

Over one million fingerprint records and facial recognition biometrics were among the leaked data. Perhaps even more worrying is that these records were tied to personal details, usernames and passwords. 

Suprema, the company responsible for the biometric data platform BioStar 2, is one of the world’s top 50 security manufacturers. 

vpnMentor was able to access almost 30 million records. These records included fingerprint data, unencrypted usernames and passwords, employee home addresses and personal emails, employee security access clearances, facial recognition information and even images of users.

, , Next Level Trading with ForexTB, the premier platform for CFD Trading!

The BioStar 2 platform is in use worldwide, with over 1.5 million installations. vpnMentor state that the total number of people affected by the breach could be in “the tens of millions.”

The leak raises numerous concerns for the potential of fraud and identity theft, through phishing and direct targeting. Employees could be the targets of blackmail and extortion based on their security clearances, with their personal information used as leverage. 

This is the latest in a string of high-profile data breaches. Just last month, American credit card provider Capital One fell victim to a breach. The hacker was able to access the social security numbers and personal information of 100 million Americans. 

Two days after discovering the BioStar 2 breach, the researchers who uncovered the hack decided to contact the company’s offices by phone but were largely unsuccessful. Some agents simply hung up on them.

In the blogpost, vpnMentor stated that, upon approaching Biostar 2 to make them aware of the breach, they found them “generally very uncooperative,” adding that their team made “numerous attempts to contact the company over email, to no avail.”

It was only 5 days later that the company responsible took action and closed the breach.

Data, Cyber Security, Millions of fingerprints leaked in latest high-profile data breach

Ben Ashman

Ben is a multimedia journalist with a keen passion for technology, literature and art. When he isn't writing you can find him wandering around London's museums and galleries.

Data science skills: what’s driving the surge in demand?

Boris Paillard • 19th February 2021

The demand for people with specialist data skills — like data scientists for example — has more than tripled over the last five years (+231%). With nearly every single sector, including banking, transport and retail generating an explosion in data, employers are desperately on the hunt for skilled experts who can make sense of it.

Using Data to Make Smarter Cybersecurity Risk Decisions

Stephen Roostan • 02nd February 2021

Most enterprise security teams are already drowning in a sea of sensor and scanner data that needs to be manually correlated, analysed, and interpreted. No easy task when you take into account the growing volumes of vulnerability data and the increasing complexity of today’s enterprise IT environments.