Biometric data breach Biostar security software incident – our take

14th August 2019

Stuart Reed
VP, Products

Researchers at VPNMentor have been able to gain access to security tool, Biostar 2, exposing 23 gigabytes of data and 30 million records, including fingerprint records, photographs, facial recognition data, names, addresses, passwords, employment history and records. VPNMentor discovered the data on 5th August and it was made private on 13th August. Biostar 2 is owned by Suprema.

Thousands of companies worldwide use the tool, including the UK’s Metropolitan Police which uses it to control access to certain parts of secure facilities. Other firms included Power World Gyms, Global Village, Adecco Staffing. The UK ICO is aware of the reports.

23 gigabytes of data and 30 million records being leaked, including highly sensitive biometric data, is a significant privacy issue for all those involved and a huge blow for the biometrics industry. If researchers at VPNMentor were able to gain access to the data from security tool, Biostar 2, then so too might hackers and the consequences of this would be vast. Not only the fact that there is little more sensitive data than someone’s biometrics – in this case including fingerprints and facial recognition data – but photographs, names, addresses, passwords and employment histories were also exposed.

A significant element of this breach is the nature of how the biometric data was being used; to grant access to secure areas, for example in police stations. Unlike many other cyber incidents that we’ve seen which compromise digital data, this breach directly crosses over into physical security, demonstrating just how dangerous the data could be in the wrong hands. Especially given that the window of compromise was open for at least 8 days, with the breach being found on August 5th and privacy being restored on August 13th, and we’re still in the dark as to how long the tool may have been vulnerable before then.

We know that hackers act fast which is exactly why we must not only use a combined approach of people, processes and technology to better secure our data, but we need more sophisticated technology to identify malicious behaviour and potential data theft fast. It is important we harness technology which is ubiquitous and therefore thorough, such as tapping into the DNS network layer for threat intelligence, and then integrating this with a seamless response. When biometric data is at stake, time has never been more of the essence.

To find out more about how the DNS layer is essential for Network Detection & Response for both known and unknown threats on your network, including malware, phishing and data theft, take a look at this whitepaper or find out more about NTX here.

Demystifying DNS for Cyber Security

Download our Demystifying DNS whitepaper to help understand your DNS better and the role it plays in your infrastructure.

Find out more