Connect with us

More than one million fingerprints and a host of usernames and passwords have been exposed on an unsecured database hosted by a security platform that lists the Metropolitan Police among its clients.

Researchers claim to have discovered the publicly accessible information on the web-based BioStar 2, which is owned and operated by South Korean company Suprema.

The firm describes itself as a “global powerhouse in biometrics, security and identity solutions” and sells its services to thousands of organisations around the world, including businesses, banks and Scotland Yard.

Biometric security scan
Image:
Facial identification data was also exposed

BioStar 2 is a security system that allows biometrics to be used to grant people access to buildings and other restricted areas.

It hosts an enormous amount of fingerprint and facial identification data – plus the usernames and passwords associated with them.

Internet privacy researchers Noam Rotem and Ran Locar, of vpnMentor, say they discovered that BioStar 2 had been breached on 5 August and that it was not resolved for eight days.

In a report published on the vpnMentor website, they said: “This is a huge leak that endangers both the businesses and organisations involved, as well as their employees.

“Our team was able to access over one million fingerprint records, as well as facial recognition information – combined with the personal details, usernames and passwords, the potential for criminal activity and fraud is massive.”

The pair said Suprema had been “generally very uncooperative” since being made aware of the issue, which saw them able to access more than 27.8 million records totalling 23GB of data.

Among the information seen were entry and exit times, home addresses and emails.

But they said the potential for biometrics to be stolen was of greatest concern, adding: “Facial recognition and fingerprint information cannot be changed. Once they are stolen, it cannot be undone.”

As well as fraud, they said victims could be at risk of blackmail, extortion and theft.

The Metropolitan Police have said they 'respect the rights of the media'
Image:
The Metropolitan Police is said to be among the clients affected by the breach

Security experts have described the scale of the leak as “disturbing”.

Piers Wilson, of cyber security firm Huntsman Security, told Sky News: “The huge quantity of sensitive personal information, such as biometric data, that has potentially been exposed to cyber criminals as a result of poor cyber security practices by Suprema is disturbing to see.

“Such basic mistakes, including not encrypting data and making admin passwords easily accessible, are easy to avoid and there should have been steps taken to better protect systems.

“This breach is just another example of why cyber security must be taken more seriously in all businesses.”

John Sheehy, director of strategic security services at research company IOActive, said: “The more secure an organisation itself is, the more attractive that organisation’s supply chain becomes in the mind of the attacker – and you can’t get any more secure than a government, bank or police force.

“An attacker wants to find the easiest pathway to get into the network so oftentimes, it’s the supplier who has an exploitable vulnerability that can get them full access into the original target’s network.”

Sky News has contacted Suprema and the Metropolitan Police for comment.

Source link

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Latest News

Breaking Bad: Netflix confirms movie will be released in October | Ents & Arts News

Published

on

The title for the new Breaking Bad film has been revealed, ahead of its arrival on Netflix in October.

El Camino: A Breaking Bad Movie sees Aaron Paul return as crystal meth cook Jesse Pinkman, who has escaped from a Nazi meth gang and is “coming to terms with his past in order to forge some kind of future”, according to the streaming service.

It is not clear whether Bryan Cranston will return as Walter White, a chemistry teacher who turns to drug dealing after being diagnosed with lung cancer.

Cranston – who won an Emmy for outstanding lead actor in a drama series four times in the role – revealed the project in November following reports that show creator Vince Gilligan was working on a script.

He told NBC at the time: “I honestly have not even read the script. I have not gotten the script, I have not read the script. So there’s the question of whether or not we’ll even see Walter White in this movie.”

El Camino: A Breaking Bad Movie. Pic: Netflix
Image:
A scene from El Camino: A Breaking Bad Movie. Pic: Netflix

White was an ailing chemistry teacher when the series premiered in 2008, but over the course of its five-season run he transformed into a feared drug dealer known as Heisenberg.

The series finale in 2013 became one of the most-watched cable shows in US TV history, with plenty more glued to their screens in the UK.

Aaron Paul attends the New York premiere of Kingsglaive: Final Fantasy XV
Image:
Aaron Paul returns as crystal meth cook Jesse Pinkman

Gilligan has already co-created the popular spin-off series Better Call Saul, which is set before Breaking Bad and focuses on conman turned lawyer Jimmy McGill.

El Camino: A Breaking Bad Movie will arrive on Netflix on 11 October.

Source link

Continue Reading

Latest News

Newlyweds killed in crash – minutes after getting married | US News

Published

on

Two newlyweds have died in a car crash in Texas – minutes after getting married.

Harley Morgan, 19, and Rhiannon Boudreaux, 20, collided with a truck after leaving their wedding venue in Texas on Friday.

The childhood sweethearts were pulling onto a five-lane highway when the truck, which was towing a trailer carrying a heavy tractor, slammed into their vehicle.

According to witnesses, their car then flipped multiple times before coming to rest in a ditch.

The couple, still in their wedding clothes, were pronounced dead at the scene by the same justice of the peace who had just married them.

“The family was right behind them. They were all going out to go to wherever they were going to have their reception,” Orange police chief Captain Keith Longlois said.

Detectives say the truck driver does not appear to be at fault, but he is cooperating with the police. He was not injured and is going to undergo drug and alcohol tests.

The groom’s mother LaShawna Morgan and sister Christina Fontenot had been travelling behind the couple when they crashed.

Mrs Morgan told KFDM: “They haven’t even been married for five minutes.

“Those two babies – the only thing that they wanted was to get married and start their life. The two of them had so many dreams.”

Ms Fontenot said the couple had been planning a larger ceremony for December.

Source link

Continue Reading

Latest News

Lightning strike at golf tournament injures six people | US News

Published

on

Several people have been injured after lightning struck a tree at a golf tournament in the US.

The Tour Championship, being held at East Lake Golf Club in Atlanta, had been suspended on Saturday afternoon so spectators and players could shelter from a storm.

The lightning struck a 60ft pine tree just off the 16th tee about half an hour later, shattering the trunk all the way to the bottom.

Fans are assisted by medical personnel after a lightning strike during the third round of the Tour Championship at East Lake Golf Club. Pic: Adam Hagy-USA TODAY Sports
Image:
Six people were taken to hospital by ambulance. Pic: Adam Hagy/USA TODAY Sports

Atlanta Police spokesman James H White III said five men and one girl had been sheltering under the tree. All six were injured when the lightning struck.

They were taken to hospital where they were described as alert, conscious and breathing.

Brad Uhl, from Atlanta, was among those who saw the lightning strike.

He said: “There was just a big explosion and then an aftershock so strong you could feel the wind from it.

“It was just a flash out of the corner of the eye. It was raining and everyone was huddled near the tree.”

An ambulance arrives to provide medical assistance after a lightning strike during a suspension of the third round due to inclement weather of the TOUR Championship at East Lake Golf Club on August 24, 2019 in Atlanta, Georgia
Image:
The victims had been sheltering from a storm during a golf tournament

The PGA said the third round of the tournament had been suspended for the day, adding: “the safety of our fans, players and partners is of the utmost importance”.

Lightning strikes have killed 12 people in the US so far this year, according to the National Weather Service.

Source link

Continue Reading

Trending