FB pixel

Security researcher finds facial recognition company left database exposed online without authentication

 

Dutch security researcher Victor Gevers with the GDI Foundation discovered this week that a Chinese facial recognition company left its database exposed online, revealing information about millions of people, CNET reports.

Shenzhen-based SenseNets was founded in 2015 and offers face recognition, crowd analysis and personal verification.

Gevers discovered yesterday that one of SenseNets’ MongoDB databases had been left exposed online without authentication. The database contained more than 2.5 million records on people, including names, ID card numbers, ID card issue date, ID card expiration date, sex, nationality, home addresses, dates of birth, photos, employer and GPS coordinates for locations where SenseNets’ facial recognition technology had spotted them.

Gevers also revealed that in the last 24 hours more than 6.8 million GPS coordinates were recorded, noting that anyone would be able to use these records to track a person’s movements based on SenseNets’ real-time facial recognition. The researcher found that there were 1,039 unique devices tracking people across China and that logged locations include police stations, hotels, tourism spots, parks, internet cafes and mosques.

The GDI Foundation warned SenseNets about the open database, which has been available since July.

According to IHS Markit research, cities around the world spent $3 billion on city surveillance in 2017, and the market will grow at an average annual rate of 14.6 percent to 2021. China is the biggest market for security equipment in city surveillance, taking up a two-thirds share.

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

UK school reprimanded by ICO for using facial recognition without DPIA

A school in Chelmsford, Essex, has been reprimanded by the Information Commissioner’s Office (ICO) for the unlawful implementation of facial…

 

Tech5 introduces flexible biometric template protection for its ABIS

Tech5 has developed biometric template protection technology that it says meets the criteria set out in the ISO/IEC 30136 standard….

 

Maza streamlines KYC with Regula biometric and document verification

Regula has integrated its document and biometric verification system into Maza Financial, a fintech company based in the United States,…

 

More ballparks to get biometric entry through MLB’s Go-Ahead Entry

Major League Baseball continues to grow its facial recognition entry program with biometrics from NEC. An article in Sports Business…

 

Inrupt enters growing digital wallet market with pitch from WWW inventor

Inrupt has launched a digital wallet, which comes with a notable endorsement from an internet pioneer. A press release says…

 

OIX calls on new UK government to accelerate digital ID rollout

The UK should work toward a digital wallet strategy, provide clarity on how ID will work across the public and…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events