Serious data breach: biometric data publicly available

Date: 14.08.2019

Responsible body: Suprema (Korean manufacturer of biometric security solutions)

Type of data breach: biometric data publicly available

Among other things, biometric data of more than 1 million people have been available on Biostar 2's publicly accessible database. Suprema is the security company responsible for the Biostar 2 web-based biometric locking system. Biostar 2 provides centralized access control to secure facilities such as warehouses or office buildings. It uses fingerprints and facial recognition to identify people who want to gain access to buildings. Last month Suprema announced that its Biostar 2 platform has been integrated with another access control system - AEOS. AEOS is used by 5,700 organizations in 83 countries, including governments, banks and the UK Metropolitan Police.

Categories of data concerned: Fingerprints, facial recognition data, user names and passwords, personal data of employees

Classification in practice: serious breach of privacy

Country: Used worldwide, among others in companies in the UK but also in at least one German company

Source: The Guardian

Back to the overview of the data breaches