Biometric Database Breach: Expert Commentary

Suprema has reportedly suffered a biometric database breach including facial recognition records, fingerprints, log data and personal information being found on “a publicly accessible database.” The damage is not yet clear, but the report claims that actual fingerprints and facial recognition records for millions of people have been exposed.


EXPERTS COMMENTS
Chris DeRamus, CTO and co-founder,  DivvyCloud
August 21, 2019
Companies continue to suffer breaches from misconfigurations
Leaving servers unprotected seems like such a simple mistake to avoid, but more and more companies suffer data breaches as the result of misconfigurations, and we read about them in the news almost every day. Suprema joins Aavgo, University of Chicago Medicine, Rubrik, Gearbest, Ascension and countless other organizations this year as victims of data leaks due to misconfigurations. The truth is, o ....
[Read More >>]
Jonathan Bensen, CISO,  Balbix
August 20, 2019
Suprema's breach can result in fines under GDPR
Suprema has potentially compromised more than 27.8 million records of admin panels and dashboards, as well as individuals’ sensitive biometric data and other PII, which can be devastating for those affected. The information exposed could allow a malicious group to conduct a sophisticated social engineering attack with real-world implications, including allowing unauthorized users to access high- ....
[Read More >>]
David Emm, Principal Security Researcher ,  Kaspersky
August 15, 2019
It’s my view that biometrics should be used as an alternative to usernames, not passwords.
“This incident underlines the risks associated with using biometric identifiers. Biometric data is just as valuable a target for cybercriminals as usernames and passwords. The theft of biometric data, and the fact that this could be used to spoof people’s identity, highlights how important it is for companies to secure customer data. This is especially important in the case of biometric data. ....
[Read More >>]
Willy Leichter, VP of Marketing,  Virsec
August 15, 2019
Unfortunately, leaking of biometric source information is the inevitable next step in a long line of security blunders.
Unfortunately, leaking of biometric source information is the inevitable next step in a long line of security blunders. With any authentication method, from passwords to advanced biometrics, security is only as strong as its weakest link. With all the hype around biometrics and AI, we tend to overlook the basics – we’re entrusting increasingly unchangeable personal data to a network of third p ....
[Read More >>]
Kevin Gosschalk, CEO,  Arkose Labs
August 15, 2019
This breach not only exposes individuals to fraud but also makes them indefinitely vulnerable to future attacks, as biometrics.
Suprema’s breach exposing biometric records for more than 28 million people -- including fingerprint data, facial recognition data, and face photos of users -- disrupts the long held belief that biometrics are the most effective authentication solution. This breach not only exposes individuals to fraud but also makes them indefinitely vulnerable to future attacks, as biometrics, unlike passwords ....
[Read More >>]
Robert Prigge, President,  Jumio
August 15, 2019
This data breach proves that biometric data is extremely valuable to fraudsters.
This data breach comes at a critical moment, as a growing number of consumers are comfortable using biometric technology on a daily basis to unlock their phone or authorize a digital payment. Storing sensitive biometric data without encryption, such as the actual fingerprint and facial recognition information compromised with this breach, is gross negligence. At the bare minimum, biometric data re ....
[Read More >>]
Vinay Sridhara, CTO,  Balbix
August 15, 2019
Seeing as UK citizens’ data was exposed, it will not be surprising if the South Korean-based biometrics.
Suprema has potentially compromised more than 27.8 million records of admin panels and dashboards, as well as individuals’ sensitive biometric data and other PII, which can be devastating for those affected. The information exposed could allow a malicious group to conduct a sophisticated social engineering attack with real-world implications, including allowing unauthorized users to access high- ....
[Read More >>]

If you are an expert on this topic:

Dot Your Expert Comments

SUBSCRIBE to alert when new comments are posted on this news. :




In this article