Predict your next investment

SOFTWARE (NON-INTERNET/MOBILE)
epicdata.com

See what CB Insights has to offer

Founded Year

1975

About Epic Data

Provider of data collection software, devices, and systems.

Epic Data Headquarter Location

300-6500 River Road

Richmond, British Columbia, V6X 1X5,

Canada

(604)273-9146

Latest Epic Data News

Epic Data Breach Found in Global Biometrics System Used by Police, Defence Firms and Banks

Aug 14, 2019

Sputnik International © AP Photo / Michel Spingler A host of sensitive personal data, including the fingerprints of over one million people, facial recognition information, and unencrypted usernames and passwords, was discovered on the publicly accessible database of Suprema, a biometric technology company used by police forces, defence contractors and banks. The firm’s flagship Biostar 2 biometrics lock system allows centralised control for access to secure facilities such as warehouses, office buildings and the like, using fingerprints and facial recognition to identify individuals seeking access - in July, the platform was integrated into access control system AEOS, which is used by almost 6,000 organisations in 83 countries, and applies to around 1.5 million locations the world over. Last week however, Israeli security research firm vpnmentor, which reviews virtual private network services for speed, security, support, and features, found Biostar 2’s database was unprotected and mostly unencrypted, granting them access to almost 28 million personal records and 23 gigabytes of data including admin panels, dashboards, fingerprint data, facial recognition data, users’ headshots, unencrypted usernames and passwords, logs of facility access, security levels and clearance, and personal details of staff. Check out our latest report: security platform BioStar 2 leaked MILLIONS of users' biometric records. Read the full report here: https://t.co/6KpjPwzTK7 It has now published a damning report on the gaping hole in the system’s defences, warning criminals “of all kinds” could use the information for “varied illegal and dangerous activities”. “Facial recognition and fingerprint information cannot be changed. Once they are stolen, it can’t be undone. The unsecured manner in which Biostar 2 stores this information is worrying, considering its importance, and the fact that Biostar 2 is built by a security company. Instead of saving a hash of the fingerprint (that can’t be reverse-engineered) they are saving people’s actual fingerprints that can be copied for malicious purposes,” the report states. It goes on to note the firm’s researchers were even able to change data and add new users, meaning they could edit an existing user’s account, add their own fingerprints, then have access to whatever building the individual is authorised to enter – hackers could thus potentially create entire libraries of bogus fingerprints to enter secure locations without being detected. They would also have access to activity logs, so could delete or alter data to conceal their activities. © AP Photo / Sang Tan The authors also suggest fingerprint data theft is “particularly concerning” given fingerprints are replacing typed passwords on many consumer items, such as smartphones - as most fingerprint scanners on consumer goods are unencrypted, if a hacker can replicate fingerprints, they can gain access to all private information stored on a device, such as messages, photos, and payment methods. “This leak could have been easily avoided had the makers of Biostar 2 taken basic security precautions. While the information we found could still have made it into the hands of criminal hackers, we suggest Biostar 2 and Suprema secure servers with better protection measures, don’t save the actual fingerprints of users, implement proper access rules on databases and never leave a system that doesn’t require authentication open to the internet, the report concludes. © AP Photo / Marcio Jose Sanchez

Predict your next investment

The CB Insights tech market intelligence platform analyzes millions of data points on venture capital, startups, patents , partnerships and news mentions to help you see tomorrow's opportunities, today.

CB Insights uses Cookies

CBI websites generally use certain cookies to enable better interactions with our sites and services. Use of these cookies, which may be stored on your device, permits us to improve and customize your experience. You can read more about your cookie choices at our privacy policy here. By continuing to use this site you are consenting to these choices.