28m records exposed in biometric data breach

Researchers associated with vpnMentor, which provides virtual private network reviews reported a data breach involving nearly 28 million records in a BioStar 2 biometric security database.

28m records exposed in biometric data breach“BioStar 2’s database was left open, unprotected and unencrypted” 

interesting reading:  Apple hopes to bolster password security with open source project

“After we reached out to them, they were able to close the leak,” vpnMentor said.

BioStar 2 is Suprema’s Web-based, open, integrated security platform. The leak was discovered on Aug. 5 and vpnMentor reached out to Suprema on Aug. 7. The leak was closed Aug. 13.

interesting reading:  Advancement of ethanol for progressive influences on energy security

The vpnMentor team gained access to biometric data of client admin panels, dashboards, back-end controls and permissions, which ultimately exposed 23 GB of records:

  • Fingerprint data;
  • Facial recognition information and images of users;
  • Unencrypted usernames, passwords and user IDs;
  • Records of entry and exit to secure areas;
  • Employee records including start dates;
  • Employee security levels and clearances;
  • Personal details, including employee home address and emails;
  • Businesses’ employee structures and hierarchies; and
  • Mobile device and OS information.
interesting reading:  Climate change directly or indirectly affects food security

The team was able to access information from a variety of businesses worldwide:

  • United States-based organizations Union Member House, Lits Link and Phoenix Medical;
  • UK-based Associated Polymer Resources, Tile Mountain and Farla Medical;
  • Finland’s Euro Park;
  • Japan’s Inspired.Lab;
  • Belgium’s Adecco Staffing; and
  • Germany’s Identbase.de.

Leave a Reply

Your email address will not be published. Required fields are marked *

Captcha loading...