FB pixel

Biometric data and personal information exposure patched by genetic test lab

Biometric data and personal information exposure patched by genetic test lab
 

A genetic testing and “DNA Face Matching” company in the United States has left a trove of facial images and personally identifiable metadata exposed in a WordPress folder without even password protection, vpnMentor says.

Indiana-based ChoiceDNA left a folder titled “Facial Recognition Uploads” and containing an estimated 8,000 documents vulnerable, according to a post from Cybersecurity Researcher Jeremiah Fowler. Facial images and descriptions are considered biometric data, even if not processed for identification purposes, the FTC declared in a policy statement last year.

ChoiceDNA says its DNA Face Matching service uses biometrics to assess the likelihood that people are related. Even the identity of an individual who sought the service, therefore, could be sensitive information. The metadata accompanying the images included names, phone numbers, email addresses, ethnicity and notes on why the person was seeking DNA analysis.

Fowler disclosed the vulnerability to the company, and it was addressed within a week. No reply or indication of how long the folder had been exposed was provided.

Given the proximity of the company’s base of operations to Illinois, home of the Genetic Information Privacy Act (GIPA), there could yet be legal fallout.

Fowler also notes that “facial recognition services based on a photo that is uploaded without the photo subject’s consent raises potential ethical and privacy concerns.”

The post states that there is no indication at this point that any data was breached, and Fowler concludes with advice for protecting WordPress sites.

Related Posts

Article Topics

 |   |   |   |   | 

Latest Biometrics News

 

Swiss digital ID backed by major political parties ahead of autumn referendum

Switzerland’s planned national digital identity has received support from a broad parliamentary alliance that includes representatives from almost all the…

 

Lufthansa, BigBear.ai and HID fly the future of digital transformation

The Lufthansa Group app is paving the way for air travel with new features and digital functionalities that interface with…

 

Clear plans for enterprise biometrics growth with new product name, partners

Clear has signed up T-Mobile as the first publicly-announced customer of its digital identity verification platform with biometric multi-factor authentication…

 

Continued innovation needed to effectively address sophisticated financial fraud

A Dark Economy Survey carried out by behavioral biometrics firm BioCatch has highlighted the disturbing trend of how AI is…

 

Humanity Protocol CEO talks Moongate acquisition, expansion into ticketing

Humanity Protocol has acquired Moongate, marking a move into the ticketing and access market. For Terence Kwok, CEO of the…

 

Half a million shoplifters can’t be right

By Professor Fraser Sampson, former UK Biometrics & Surveillance Camera Commissioner When Napoleon said that we were a nation of shopkeepers,…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Biometric Market Analysis

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events