Embarrassing slipup exposes dozens of personal profiles from Trust Stamp
The only situation worse than a data breach for a face biometrics security company is a dumb data breach.
According to news publisher Insider, that is what has happened to government contractor Trust Stamp. It is possible to fault potential customers who tested a demo app created by the company, but only because they trusted Trust Stamp to protect their data.
Demographic data of “dozens” of would-be customers reportedly was posted for public viewing after people tested Trust Stamp services using their real information. Many times more people – allegedly several hundred more — used fabricated data.
The data points in question reportedly include names, birth dates and driving license information. It is not clear if license numbers or facial images from the licenses were exposed. Biometric templates do not appear to have been breached.
Insider reportedly emailed with the company’s CEO, Gareth Genner, who appears to be familiar with the demo problem. Genner offered two test profiles, one from “Heidi Sample” and “Test Alaska,” as evidence that most exposed data was fictional.
He said the facial recognition provider has since taken every step to protect the test database.
As has been pointed out by the publication, the digital identity firm has a $7.2 million annual contract with the U.S. Immigration and Customs Enforcement to surveil migrants who are processed after crossing the nation’s border with Mexico.
No one enrolling in that program is involved in the biometric demo app problem because the app is sold only to government agencies.
Trust Stamp reported last month that its diluted net loss per share decreased to $0.46 in 2021, from $0.90 in 2020, on a 15.2 percent decrease in net loss.