Facial Recognition Company Hacked

Clearview AI, that works with the US law enforcement community with its facial recognition software, has had a hacker exploit a security flaw and steal its entire client list. The company , whose database has collected over 3 billion photos has suffered a data breach. 

The data stolen in the hack included the firm’s entire customer list, which will include multiple law enforcement agencies, along with information such as the number of searches they had made and how many accounts they’d set up. Clearview AI say the huge database of images was not part of the breach.
 
The exact nature and source of the breach remains unknown at this time. The company says it’s patched the vulnerability and insists its servers were not accessed. Based on the sensitive nature of its work, there’s plenty of reason for concern. Clearview says it works with law enforcement agencies and the company claims that not only does its clientele include hundreds of police stations, it also services the FBI and DHS. A leaked list of Clearview AI’s clients shows that the controversial company’s facial recognition software has spread way beyond law enforcement, into household names. 

Clearview claims to have scraped more than three billion images from websites and social media platforms into a database that police can use to match with photos of suspects.

They include retailers (Walmart, Kohl’s, BestBuy and Macy’s); banks (Wells Fargo and Bank of America), sports leagues (the NBA); entertainment venues (Madison Square Garden), mobile carriers (AT&T, Verizon, and T-Mobile); casinos (Las Vegas Sands and Pechanga Resort Casino); gyms (Equinox); ticketing platforms (Eventbrite); and cryptocurrency exchanges (Coinbase).

Clearview’s focus on law enforcement would suggest that other companies would find similar security uses, such as identifying shoplifters in stores and potential trouble-makers at basketball games. But this could quickly lead to the unconsented profiling of innocent consumers and passersby.

Clearview’s system, the company says, is “an after-the-fact research tool. Clearview is not a surveillance system and is not built like one. For example, analysts upload images from crime scenes and compare them to publicly available images.”

In doing so, it says, it has the power to help its clients, which include police departments, ICE, Macy’s, Walmart, and the FBI, says a recent Buzzfeed report to stop criminals: “Clearview helps to identify child molesters, murderers, suspected terrorists, and other dangerous people quickly, accurately, and reliably to keep our families and communities safe.”

Clearview AI hit the news recently when the New York Times detailed how the company’s facial recognition program had scraped sources including Facebook and Twitter to build its massive database. 

If you live in California, under the rules of the newly enacted California Consumer Privacy Act, you can see what Clearview has gathered on you, and request that they stop it.

Buzzfeed:      Coindesk:     The Next Web:       Forbes:    

You Might Also Read:

AI Will Find You In The Crowd:

 

« The Hot Jobs In Cyber Security & How To Get One
Cyber Criminals Target UK Motorists »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Assure Technical

Assure Technical

Assure Technical offers a holistic approach to Technical Security. Our expertise and services span across the Physical, Cyber and Counter Surveillance domains.

Cynet

Cynet

Cynet simplifies security by providing a rapidly deployed, comprehensive platform for detection, prevention and automated response to advanced threats with near-zero false positives.

France Cybersecurity

France Cybersecurity

France Cybersecurity represents the French cybersecurity industry to raise international awareness of French cybersecurity capabilities and solutions.

Viscount Systems

Viscount Systems

Viscount Systems is a global security software solutions company that is changing the way access control is deployed and managed in the enterprise.

CSIRT-IE

CSIRT-IE

CSIRT-IE is the body within the NCSC that provides assistance to constituents in responding to cyber security incidents at a national level for Ireland.

QSecure

QSecure

QSecure specializes in the provision of information security and risk management services.

Jazz Networks

Jazz Networks

Jazz Networks provides user behavior analytics (UBA UEBA) and data loss prevention (DLP) cybersecurity software to prevent the insider threat.

Cynterra

Cynterra

Cynterra is a next generation cloud cyber security and data analytical service provider offering cloud security compliance, data protection, visibility and threat protection services.

Noventiq

Noventiq

Noventiq (the brandname of Softline Holding plc) is a leading global solutions and services provider in digital transformation and cybersecurity.

UKsec: Virtual Cyber Security Summit

UKsec: Virtual Cyber Security Summit

Join 100s of UK Cyber Security Leaders Online for Expert Cyber Security Talks, Strategy Insights, Cyber Resilience Tips and More.

Tangible Security

Tangible Security

Tangible employs the most sophisticated cyber security tools and techniques available to protect our clients’ sensitive data, infrastructure and competitive advantage.

PT Prima Cyber Solusi

PT Prima Cyber Solusi

PT Prima Cyber Solusi is focused on protecting your business from the massive and devastating impacts that cyber-attacks may cause.

Analygence

Analygence

ANALYGENCE is your trusted partner for mission support, cyber solutions, and management services.

NREL Clean Energy Cybersecurity Accelerator (CECA)

NREL Clean Energy Cybersecurity Accelerator (CECA)

The Clean Energy Cybersecurity Accelerator advances cyber innovation to defend modern, renewable energy technologies against high-priority cybersecurity risks to the energy sector.

Abacus Group

Abacus Group

Abacus Group is a global IT services firm for alternative investment firms, providing an enterprise technology platform specifically designed to meet the unique needs of financial services.

Crygma

Crygma

CRYGMA Quantum-Resistant Cryptographic Machines, the new standard in data encryption.