More than a million fingerprints and other sensitive data have been exposed online by a biometric security firm, researchers say.
Researchers working with cyber-security firm VPNMentor say they accessed data from a security tool called Biostar 2. It is used by thousands of companies worldwide, including the UK's Metropolitan Police, to control access to specific parts of secure facilities. Suprema, the firm that offers Biostar 2, said it was addressing the issue. "If there has been any definite threat on our products and/or services, we will take immediate actions and make appropriate announcements to protect our customers' valuable businesses and assets," a company spokesman told the Guardian. According to VPNMentor, the exposed data, discovered on 5 August, was made private on 13 August. It is not clear how long it was accessible. As well as fingerprint records, the researchers say they found photographs of people, facial recognition data, names, addresses, passwords, employment history and records of when they had accessed secure areas.