Serious data breach: biometric data publicly available
Responsible body: Suprema (Korean manufacturer of biometric security solutions)
Type of data breach: biometric data publicly available
Among other things, biometric data of more than 1 million people have been available on Biostar 2's publicly accessible database. Suprema is the security company responsible for the Biostar 2 web-based biometric locking system. Biostar 2 provides centralized access control to secure facilities such as warehouses or office buildings. It uses fingerprints and facial recognition to identify people who want to gain access to buildings. Last month Suprema announced that its Biostar 2 platform has been integrated with another access control system - AEOS. AEOS is used by 5,700 organizations in 83 countries, including governments, banks and the UK Metropolitan Police.
Categories of data concerned: Fingerprints, facial recognition data, user names and passwords, personal data of employees
Classification in practice: serious breach of privacy
Country: Used worldwide, among others in companies in the UK but also in at least one German company
Source: The Guardian