Press "Enter" to skip to content

Huge Biometric Security Error Exposed Over 1 Million Fingerprints

A biometrics system employed by UK police, banks, and defense firms has underwent a huge data hack, disclosing the fingerprints of over one million individuals along with facial recognition information, unencrypted passwords, and other personal info.

The biometrics lock system, Biostar 2, managed by security firm Suprema, employs facial recognition and fingerprints technology to offer authorized people access to buildings. The previous month the service was added into AEOS (another access system) that is employed by 5,700 agencies all over 83 nations.

The security error was found up by Ran Locar and Noam Rotem (Israeli researchers), vpnmentor (the from VPN review service). In a routine network scan performed previous week, the couple discovered that database of Biostar 2 was available publicly and that by changing URL search condition they were capable of accessing almost 23GB of data and 28 million records, comprising facial recognition data, fingerprints, security clearance information, and passwords.

In an interview, Rotem claimed that the error meant he can modify info and add new consumers, which might let him to include his own fingerprint to the network and use whatever services a real consumer was allowed to use. He claimed that not only was the utter scale of the hack shocking but the nature of the data hack will have upcoming consequences.

On a related note, earlier EA fixed errors in its Origin service that might have allowed attackers to exploit and hijack accounts of millions of consumers. The errors were seen by CyberInt and Check Point Research, and once exploited, they might have permitted player account identity theft and takeover. The cybersecurity firms warned EA, which was swift to take action.

The errors took benefit of EA Games’ employment of authentication tokens, abandoned subdomains, and single TRUST & sign-on mechanisms developed into the consumer login process.

Linda Ricketson
Author Details
SR. CONTENT WRITER At The Industry Press Release

Linda Ricketson is the appropriate employee among The Industry Press Release portal staff, who is capable of precisely explaining the new concepts and technologies in a written format. Not only pro in writing, she also has a superb knowledge of technology terminologies and concepts. She is a gadget lover and is very enthusiastic to have hands-on-experience for the recently launched tech-loaded devices and gadgets. The portal has offered her the designation of Sr. Content writer. She has almost six years of experience in the writing sector. Before joining the portal, she used to write blogs for a gadget-based magazine publishing company. She pursued her Graduation in Electronics and Telecommunications Engineering. To keep herself informed about the latest and upcoming technologies, she tries to attend several tech-conferences and exhibitions.

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *