【4K】-Unique Information Network
Latest News:
Testing Windows 10 Performance Before and After the Meltdown Flaw Emergency Patch The neuroscience of motivation—and how it can change your life Ransomware attack used an NSA exploit, Eternal Blue, to wreak havoc UK's largest warship has a big cybersecurity vulnerability: Windows XP Netherlands vs. Spain 2025 livestream: Watch UEFA Nations League for free A new ransomware is sweeping the globe, but there's a vaccine Pregnant dog gets the perfect Anthropologie Exclusive: This is Vivo's under CPU Price Watch: 9900K Incoming, Ryzen Cuts Amazon's Echo Show has video streaming feature that plays Jimmy Fallon, CNN, CNBC, and more
Current Location: Home > Entertainment > 【4K】

【4K】

2025-06-26 16:47:51 [Digital Culture] Source: Unique Information Network

Exposed passwordsKbad enough. But fingerprint and facial recognition data? That’s terrifying.

Suprema's Biostar 2 biometric security system came under scrutiny after vpnMentor and two researchers -- Noam Rotem and Ran Locar -- uncovered a major flaw that exposed the biometric data of more than 1 million people, according to The Guardian.

Biostar 2 is a security platform that, in part, utilizes facial recognition and fingerprints to control access to buildings and other secure facilities. Making the potential breach even worse: Biostar 2 was recently integrated into Nedap's AEOS security platform, which is used for security by thousands of companies and organizations in more than 80 countries.

The researchers said not only was the database unencrypted, but was accessed by tweaking URL search criteria in Elasticsearch, a search and analytics engine. And it contained a lot of data.

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!

The Guardianreported that the researchers "had access to over 27.8m records, and 23 gigabytes-worth of data including admin panels, dashboards, fingerprint data, facial recognition data, face photos of users, unencrypted usernames and passwords, logs of facility access, security levels and clearance, and personal details of staff."

According to vpnMentor, the exposed data was discovered on Aug. 5, 2019. Two days later, they notified Biostar 2 of the issue and by Aug. 13, the database was private. It's not known how long all of that information was accessible and if anyone, particularly bad actors, had gained access to the database.

What's more, vpnMentor reports that Biostar's office was "generally very uncooperative."

SEE ALSO: Amazon claims its Rekognition software can now detect fear

Among the U.S.-based businesses the researchers were able to access data for: co-working space Union and medical supply company Phoenix Medical. But The Guardian notes that organizations that are part of AEOS include "governments, banks and the UK Metropolitan police."

We've reached out to Suprema for additional comment but, for now, you can continue to rest, uh, uneasily knowing that your data will never be fully secure.

Featured Video For You
Judge rules that Feds can't force a person to unlock their phones

Topics Cybersecurity Facial Recognition

(Editor: {typename type="name"/})

Related Articles
Recommended
Hot Reads
Random

友情链接

接受PR>=1、BR>=1,流量相当,内容相关类链接。