A new report by security researchers at Vpnmentor warns that Suprema, a self-declared “leading global provider of biometrics and security,” has left a massive biometric database exposed to the Internet. While the impact of the leak is not immediately clear, the report indicates that anyone with an Internet connection could have accessed the fingerprint and facial recognition records of millions of people.
The researchers found nearly 28 million exposed records, amounting to 23 gigabytes. The data includes “fingerprint data, facial recognition data, face photos of users, unencrypted usernames and passwords, logs of facility access, security levels and clearance, and personal details of staff.”
The incident seems to mark the first major biometric data breach. Compromise of biometric data is a security disaster because unlike passwords, PINS and other data used for authentication purposes, biometric information doesn’t change. Once threat actors know your fingerprint, they could use this information against you for the rest of your life.
Read more: New Data Breach Has Exposed Millions Of Fingerprint And Facial Recognition Records: Report