05/24/2024

A Biometric Police Data Leak is a Sign of Things to Come

Thousands of fingerprints, facial images have been exposed online

Thousands of law enforcement officials and people applying to be police officers in India have had their personal information leaked online—including fingerprints, facial scan images, signatures and details of tattoos and scars on their bodies. If that wasn’t alarming enough, at around the same time, cybercriminals have started to advertise the sale of similar biometric police data from India on messaging app Telegram.

Last month, security researcher Jeremiah Fowler spotted the sensitive files on an exposed web server linked to ThoughtGreen Technologies, an IT development and outsourcing firm with offices in India, Australia and the United States.

Within a total of almost 500 gigabytes of data spanning 1.6 million documents, dated from 2021 until when Fowler discovered them in early April, was a mine of sensitive personal information about teachers, railway workers, and law enforcement officials. Birth certificates, diplomas, education certificates and job applications were all included.

Please select this link to read the complete article from WIRED.