Kaspersky on the news of biometrics data breach
August 2019 by David Emm, Principal Security Researcher, Global Research Analysis Team (GReAT) chez Kaspersky Lab
In response to the news today that the fingerprints of over 1 million people, as well as facial recognition information, have been discovered on a publicly accessible database, please see below a comment from David Emm, principal security researcher at Kaspersky.
“This incident underlines the risks associated with using biometric identifiers. Biometric data is just as valuable a target for cybercriminals as usernames and passwords. The theft of biometric data, and the fact that this could be used to spoof people’s identity, highlights how important it is for companies to secure customer data. This is especially important in the case of biometric data. In the event of a data breach, compromised password can be changed, but this is not true for a fingerprint or other biometric data. This raises the question of whether biometrics are a safe alternative to passwords? It’s my view that biometrics should be used as an alternative to usernames, not passwords. Whether it’s passwords or biometrics, providers should take steps to secure authentication data and other personal information. If data is stored in the clear, it provides a treasure trove for cybercriminals”