Researchers say data on biometrics system BioStar 2 has leaked, affecting thousands of clients including the Metropolitan Police.

More than one million fingerprints and a host of usernames and passwords have been exposed on an unsecured database hosted by a security platform that lists the Metropolitan Police among its clients.

Researchers claim to have discovered the publicly accessible information on the web-based BioStar 2, which is owned and operated by South Korean company Suprema.

The firm describes itself as a "global powerhouse in biometrics, security and identity solutions" and sells its services to thousands of organisations around the world, including businesses, banks and Scotland Yard.

BioStar 2 is a security system that allows biometrics to be used to grant people access to buildings and other restricted areas.

It hosts an enormous amount of fingerprint and facial identification data - plus the usernames and passwords associated with them.

Internet privacy researchers Noam Rotem and Ran Locar, of vpnMentor, say they discovered that BioStar 2 had been breached on 5 August and that it was not resolved for eight days.

In a report published on the vpnMentor website, they said: "This is a huge leak that endangers both the businesses and organisations involved, as well as their employees.

Continue reading on Skynews>>

#DataBreach, #Biometrics, #Fingerprints, #Facial, #Recognition, #GDPR, #BioStar2, #SouthKorea, #Suprema