Skip to Content
Computing

Data leak exposes unchangeable biometric data of over 1 million people

Fingerprint
FingerprintWikimedia commones

You can always change your password. Your fingerprints and face are another story.

A major leak of data discovered this week in the UK includes fingerprints of over 1 million individuals, face recognition information, unencrypted names and passwords, and other personal info from Suprema, a security company used by UK police, banks, and military contractors, according to a report in the Guardian.

Leaks: Data leaks happen with shocking regularity. Especially as companies have moved to the cloud in recent years, various misconfigurations and mistakes have left mountains of private data publicly exposed on the internet for anyone to see.

Biometrics: This incident is different because, in addition to personal data and passwords, it includes biometrics like fingerprints and face recognition information.

The data leak strikes at the heart of one of the big fears and criticisms about the increasing use of biometrics: You can change your username and password with a couple of clicks. Your face is forever. Or did the word “surgery” just cross your mind?

The source: Suprema runs Biostar 2, a biometric lock system controlling access and surveillance in secured buildings. The leak was discovered by Israeli researchers Noam Rotem and Ran Locar and the cybersecurity firm vpnMentor.

“After we discovered the breach in BioStar 2’s database, we contacted the company alerting them of our findings,” researchers wrote. "However, we found BioStar 2 generally very uncooperative throughout this process. Our team made numerous attempts to contact the company over email, to no avail. Eventually, we decided to reach out to BioStar 2’s offices by phone. Again, the company was largely unresponsive.”

The leak totaled 27.8 million records and 23 gigabytes of data. Approximately one week after discovery earlier this month, it was fixed.

Keep Reading

Most Popular

The inside story of how ChatGPT was built from the people who made it

Exclusive conversations that take us behind the scenes of a cultural phenomenon.

ChatGPT is about to revolutionize the economy. We need to decide what that looks like.

New large language models will transform many jobs. Whether they will lead to widespread prosperity or not is up to us.

Sam Altman invested $180 million into a company trying to delay death

Can anti-aging breakthroughs add 10 healthy years to the human life span? The CEO of OpenAI is paying to find out.

GPT-4 is bigger and better than ChatGPT—but OpenAI won’t say why

We got a first look at the much-anticipated big new language model from OpenAI. But this time how it works is even more deeply under wraps.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.