A huge data breach has exposed the fingerprints and facial recognition scans of millions of people.
Private data were freely available in a public database discovered by investigators, with banks and UK police among those affected.
It is not clear what damage, if it has been done, has been done, but experts warned that the violation poses a serious security risk if it falls into the wrong hands.
Cunning cybercriminals could use any data cut to manipulate security systems and allow them to enter secure buildings and computer systems.
The leak was discovered in a report by Israeli security researchers Noam Rotem and Ran Locar who work with & # 39; vpnmentor & # 39 ;, a site that reviews virtual private network tools.
"Access allows us to see that millions of users are using this system to access different locations," Noam told guardian.
"We were able to see in real time which user enters which installation or which room in each installation."
The researchers were even able to "change data and add new users."
In addition to fingerprint and facial scans, sometimes called "biometric data," the database features unencrypted usernames and passwords and personal information.
It belongs to Suprema, an international security company that provides services to governments, banks and the United Kingdom metropolitan police.
Suprema describes itself as a "world power in biometrics, security and identity solutions."
Its product range includes "biometric access control systems, time and support solutions, live fingerprint scanners, mobile authentication solutions and integrated fingerprint modules".
But according to the investigators' report, the company's database, which included 27.8 million records, was exposed online last month.
According to reports, your confidential data became accessible to the public due to an error in Suprema's Biostar 2 tool.
The program uses fingerprints and facial scans as part of its means to identify people trying to access buildings.
Problems arose when Suprema integrated Biostar 2 with another control system, AEOS, last month. AEOS hosts the data of millions of employees in 5,700 organizations in 83 countries.
The fault was reportedly corrected on August 13, six days after investigators noticed Suprema of the error.
It is not clear if any hacker seized the data before the fault was resolved.
How does facial recognition technology work?
Here is everything you need to know …
- A facial recognition tool is a way to recognize your face using technology
- They are mainly used for security purposes, and are found in most modern smartphones
- The technician tracks you with a camera and uses intelligent artificial intelligence to read the distances between different parts of your face
- It focuses mainly on the eyes, nose, cheeks and mouth, which distinguish one person from another.
- To verify your identity, the tool must compare your face in real time with a photo of yourself
- If everything matches, your gateway, phone or other technology is unlocked to allow you to enter
The violation of biometric data is of particular concern for those affected.
This is because biometric data, such as your fingerprint, retina or face, cannot be changed as a password, which means that once the hackers are filtered, they can supplant it forever.
With police officers from the United Kingdom and government employees potentially compromised for life, the violation will raise alarm among officials.
A spokeswoman for Suprema promised to inform customers if there was a threat to user data.
"If there has been a definite threat to our products and / or services, we will take immediate action and make appropriate announcements to protect our customers' valuable businesses and assets," they said.
The Sun has contacted the Metropolitan Police for comment.
APPLE A DAY
The new iPhone & # 39; will arrive in THREE versions next month without delay for the cheap model & # 39;
New Snapchat icon & # 39; so ugly & # 39; that users are DELETING the application from their phones
New iPhone price & # 39; revealed & # 39; as CHEAPER than 2018 based on expert predictions
SHELL ON EARTH
Zombie snail & # 39; blinks & # 39; after eyes invaded by a parasite that & # 39; forces suicide & # 39;
In other news, Facebook's mistake allows children to avoid parental controls and talk to strangers – How to stop it.
Google is secretly building a new Facebook rival called Shoelace It's like "Tinder to make friends."
Do you use Google Chrome often? Let us know in the comments …
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Send us an email to firstname.lastname@example.org