Security Company Breach Leaks Over 1 Million UK Users Biometric Data

This is Niche Gamer Tech. In this column, we regularly cover tech and things related to the tech industry. Please leave feedback and let us know if there’s tech or a story you want us to cover

A new report has found over one million users have had their biometric data leaked, in the United Kingdom.

The new report (via The Guardian) notes over 1 million users have had their personal biometric data exposed in a leak, via security firm Suprema. The security partner is used by UK police, banks, and military contractors, all of which had collected the biometric data from citizens.

In brief, Suprema runs the Biostar 2 lock system, which controls access and surveillance in secure buildings. Israeli researchers Noam Rotem and Ran Locar discovered the leak, alongside cybersecurity firm vpnMentor.

While a leak is usually followed by an immediate “please change your passwords” email, you can’t change biometric data like your … fingerprints, or your face.

“After we discovered the breach in BioStar 2’s database, we contacted the company alerting them of our findings,” researchers wrote. “However, we found BioStar 2 generally very uncooperative throughout this process. Our team made numerous attempts to contact the company over email, to no avail. Eventually, we decided to reach out to BioStar 2’s offices by phone. Again, the company was largely unresponsive.”

Roughly a week after the leak was discovered earlier this month, it was fixed. In total, the leak made up of some 27.8 million records and 23 gigabytes of data.

Brandon Orselli


Big Papa Overlord at Niche Gamer, Nicchiban, and Pretentious Media. Italian. Dad. Outlaw fighting for a better game industry. I also write about music, food, & beer. Also an IT guy.