Module 2 : Lesson 1 Policies and Issues on Internet and Implication to teaching and learning

ACTIVITY # 4

Title of the Issue: Privacy and Security

Title of the Article: Over 27.8M Records Exposed in BioStar 2 Data Breach

Source:

https://www.trendmicro.com/vinfo/us/security/news/online-privacy/over-27-8m-records-exposed-in-biostar-2-data-breach

Author: The author of this article didn’t include name.

a. Summary Narrative

About 23 GB worth of data consisting of 27.8 million sensitive biometric records was found exposed in a massive data breach involving biometric security platform BioStar 2. This is according to researchers from VPNMentor, who saw substantial portions of BioStar 2’s database left unprotected and unencrypted or insufficiently secured. The Suprema-owned BioStar 2 platform provides thousands of companies with biometrics security in order to restrict access to offices, buildings, and other private areas.

BioStar 2 has recently been integrated with Nedap’s AEOS physical access control system, a security suite that connects physical locks, biometric readers, and other devices to keep buildings secure. The AEOS system is currently being used by over 5,700 organizations worldwide. With BioStar 2’s data leak, the sensitive biometric information of these organizations, including government units, financial companies, and even the UK’s Metropolitan Police, may have been compromised.

Sensitive information leaked in this data breach include 1 million fingerprints as well as facial recognition data and images. Access to dashboards and backend controls, usernames and passwords, and employee records were also uncovered. A recorded list of those who entered and left secured areas was also exposed.

The researchers also noted that they were able to easily access the accounts associated with this leak, as many of the accounts had default or easily decipherable passwords. Those with more complex passwords were also accessed because they were all saved as plain text to the database.

b. What lesson have you learned?

The lesson that I learned in this article is that always check if the one you are trying to access is a trusted site and also do not include all the information about you so that, when it comes to this situation you don’t have to worry because you haven’t include personal and important information about yourself .

c. What suggestion can you offer?

The suggestion I can offer is that Think before you click . Think the things that you can included that cannot harm you when it leaks and think the things that is not necessary to include like personal or important detail. You should be wise in this matter so that you will not lose anything .