FB pixel

Security researcher finds facial recognition company left database exposed online without authentication

 

Dutch security researcher Victor Gevers with the GDI Foundation discovered this week that a Chinese facial recognition company left its database exposed online, revealing information about millions of people, CNET reports.

Shenzhen-based SenseNets was founded in 2015 and offers face recognition, crowd analysis and personal verification.

Gevers discovered yesterday that one of SenseNets’ MongoDB databases had been left exposed online without authentication. The database contained more than 2.5 million records on people, including names, ID card numbers, ID card issue date, ID card expiration date, sex, nationality, home addresses, dates of birth, photos, employer and GPS coordinates for locations where SenseNets’ facial recognition technology had spotted them.

Gevers also revealed that in the last 24 hours more than 6.8 million GPS coordinates were recorded, noting that anyone would be able to use these records to track a person’s movements based on SenseNets’ real-time facial recognition. The researcher found that there were 1,039 unique devices tracking people across China and that logged locations include police stations, hotels, tourism spots, parks, internet cafes and mosques.

The GDI Foundation warned SenseNets about the open database, which has been available since July.

According to IHS Markit research, cities around the world spent $3 billion on city surveillance in 2017, and the market will grow at an average annual rate of 14.6 percent to 2021. China is the biggest market for security equipment in city surveillance, taking up a two-thirds share.

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

Sierra Leone consults to amend civil registration legislation

The National Civil Registration Authority of Sierra Leone (NCRA) is reviewing its current civil registration law to identify gaps that…

 

iProov biometrics and liveness detection to secure workforce IDs on Microsoft Entra

Enterprise workers using Microsoft Entra ID can now use iProov biometrics and liveness detection to log into company systems through…

 

Malaysia’s prime minister loses it with MyDigital ID’s slow progress

Malaysia’s leader has voiced deep frustration with the slow progress in two key national digital initiatives. This week it was…

 

IDVerse acquired by LexisNexis to boost biometric fraud protection

LexisNexis Risk Solutions has struck a deal to acquire IDVerse adding biometric fraud protection to its portfolio of analytics and…

 

Intellicheck to provide identity validation for Accio Data

Intellicheck, Inc. has announced an integration with Accio Data to streamline background screening checks for job applicants. A release from…

 

UK digital age assurance receives support from stakeholders: Reports

UK’s attempts to legalize digital age assurance technology are likely to be successful, according to media reports. In January, the…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events