Technology 2 min read

Brazilian Security Firm Breach Exposes 76,000 Fingerprint Data

SafetyDetectives.com discovered a breach in the server of the Brazilian security firm Antheus Tecnologia, exposing 76,000 fingerprint data.

pixxelstudio91 / Shutterstock.com

pixxelstudio91 / Shutterstock.com

A cyber threat research group discovered a breach that exposes 76,000 fingerprint data, including 2 million bits of data.

Antheus Tecnologia develops and manages automated fingerprint identification systems. The Brazillian firm handles the employee fingerprints ID for various companies across the world.

Unfortunately, the security company may have a problem keeping its users’ data safe. As it turns out, Antheus Tecnologia left 16 gigabytes of sensitive information about client ID and biometric details unsecured on their servers.

SafetyDetectives.com, a team of researchers that specializes in analyzing antivirus software, discovered the breach. The researchers also mentioned that the breach had been secured.

How A Security Firm Exposed 76,000 Fingerprint Data

According to the researchers, the Antheus server employed a weak measure when it comes to system access. In other words, the security firm’s server may not be as sufficiently protected as it should be.

But that’s not the problem. The most alarming part is the insecure method that Antheus Tecnologia used in storing information.

The security firm stored actual fingerprint images as well as index logs of company employees. And this would make it easy for hackers to match and use the data for criminal activity.

A researcher from the cyber threat group, Anurag Sen explained:

“Instead of saving a hash of the fingerprint (that cannot be reverse-engineered), Antheus is saving people’s actual fingerprints through rudimentary encoding which can then be replicated for malicious purposes.”

The security breach is troubling, and here’s why.

Why Biometric Data Theft is a big Deal

We now rely on biometric data to access to everything, from smartphones and personal computers to banking and business institutions.

In an average password breach or malware infection, a user can change a password. The company could even release a software patch to eliminate the threat.

But biometric data are different. You can’t upgrade or change your fingerprint, the same way your facial recognition and iris scan data are also permanent.

So, a breach in these areas exposes users to identity and financial theft. Attackers will also have access to classified information, which could lead to extortion or blackmail.

Read More: How AI Will Improve Cybersecurity in 2020

First AI Web Content Optimization Platform Just for Writers

Found this article interesting?

Let Sumbo Bello know how much you appreciate this article by clicking the heart icon and by sharing this article on social media.


Profile Image

Sumbo Bello

Sumbo Bello is a creative writer who enjoys creating data-driven content for news sites. In his spare time, he plays basketball and listens to Coldplay.

Comments (0)
Most Recent most recent
You
share Scroll to top

Link Copied Successfully

Sign in

Sign in to access your personalized homepage, follow authors and topics you love, and clap for stories that matter to you.

Sign in with Google Sign in with Facebook

By using our site you agree to our privacy policy.