there occurred a rather major breach of biometric systems that left data of
more than 1 million individuals ‘exposed’ in an openly accessible database.
the UK Metropolitan police, defence contractors, and banks, for fingerprint and
facial recognition purposes.
data on ‘Suprema’s web-Biostar 2 platform’ that controls access to secure facilities,
was unprotected and ‘mostly unencrypted.’
totalling 23 gigabytes of data. A small and simple manipulation of the URL
search criteria enabled access to the data as well as allowed room for some
familiar IP blocks to further use these in order to discover holes in company’s
frameworks that could conceivably prompt data breaches.
accounts. The access allows first of all seeing millions of users are using
this system to access different locations and see in real time which user
enters which facility or which room in each facility, even. We [were] able to
change data and add new users,” – Rotem and Locar, the security researchers.
that as it may, it is still in the news as the size of the breach was
disturbing because the affected service is currently in use in approximately
1.5 million areas over the world.