28m records exposed in biometric data breach

Researchers associated with vpnMentor, which provides virtual private network reviews reported a data breach involving nearly 28 million records in a BioStar 2 biometric security database.

28m records exposed in biometric data breach“BioStar 2’s database was left open, unprotected and unencrypted” 

“After we reached out to them, they were able to close the leak,” vpnMentor said.

BioStar 2 is Suprema’s Web-based, open, integrated security platform. The leak was discovered on Aug. 5 and vpnMentor reached out to Suprema on Aug. 7. The leak was closed Aug. 13.

interesting reading:  1LINK starts 24/7 SOC handling cyber security threats

The vpnMentor team gained access to biometric data of client admin panels, dashboards, back-end controls and permissions, which ultimately exposed 23 GB of records:

  • Fingerprint data;
  • Facial recognition information and images of users;
  • Unencrypted usernames, passwords and user IDs;
  • Records of entry and exit to secure areas;
  • Employee records including start dates;
  • Employee security levels and clearances;
  • Personal details, including employee home address and emails;
  • Businesses’ employee structures and hierarchies; and
  • Mobile device and OS information.
interesting reading:  UAE don't have security concerns to Huawei’s 5G tech

The team was able to access information from a variety of businesses worldwide:

  • United States-based organizations Union Member House, Lits Link and Phoenix Medical;
  • UK-based Associated Polymer Resources, Tile Mountain and Farla Medical;
  • Finland’s Euro Park;
  • Japan’s Inspired.Lab;
  • Belgium’s Adecco Staffing; and
  • Germany’s Identbase.de.
Ammara Khan
Author: Ammara Khan

Support us by sharing this content :)

Leave a Reply