Website of biometric ‘homeless management system’ provider hacked
The website of Odin Intelligence, a provider of technology that includes face biometrics to law enforcement and emergency services, has been defaced by unidentified hackers on Sunday.
The hack, reported by TechCrunch, follows a Wired report last week suggesting that an app developed by the company, SweepWizard, had a critical security vulnerability that enabled attackers to access the personal information of police suspects and sensitive details of upcoming police operations.
The data breach comes almost a year after reports first detailed the company’s ‘Homeless Management Information System’ that provides face biometrics to enable law enforcement to identify homeless people.
“It appears that previous controversy and the current dismissive attitude toward a reported vulnerability was the catalyst to drive this defacement,” Erich Kron, security awareness advocate at KnowBe4, tells Biometric Update in an email.
“In addition, it appears that significant amounts of data were also exfiltrated, a common tactic in both the general cybercriminal and ransomware actors playbook.”
In fact, according to TechCrunch, more than 16GB of data was stolen from Odin’s organization, including sex offenders’ data and information related to the SweepWizard app.
“Organizations that deal in sensitive information, whether it’s law enforcement-related or more typical data, need to take cybersecurity very seriously,” Kron adds. “This is especially true when a potentially significant vulnerability is reported to the organization.”
The Odin Intelligence website was taken offline following the hack and remains inactive at the time of writing.