Facial Recognition Company Hacked

Uploaded on 2020-03-11 in TECHNOLOGY--Developments, GOVERNMENT-Law Enforcement, FREE TO VIEW

Clearview AI, that works with the US law enforcement community with its facial recognition software, has had a hacker exploit a security flaw and steal its entire client list. The company , whose database has collected over 3 billion photos has suffered a data breach. 

The data stolen in the hack included the firm’s entire customer list, which will include multiple law enforcement agencies, along with information such as the number of searches they had made and how many accounts they’d set up. Clearview AI say the huge database of images was not part of the breach.
 
The exact nature and source of the breach remains unknown at this time. The company says it’s patched the vulnerability and insists its servers were not accessed. Based on the sensitive nature of its work, there’s plenty of reason for concern. Clearview says it works with law enforcement agencies and the company claims that not only does its clientele include hundreds of police stations, it also services the FBI and DHS. A leaked list of Clearview AI’s clients shows that the controversial company’s facial recognition software has spread way beyond law enforcement, into household names. 

Clearview claims to have scraped more than three billion images from websites and social media platforms into a database that police can use to match with photos of suspects.

They include retailers (Walmart, Kohl’s, BestBuy and Macy’s); banks (Wells Fargo and Bank of America), sports leagues (the NBA); entertainment venues (Madison Square Garden), mobile carriers (AT&T, Verizon, and T-Mobile); casinos (Las Vegas Sands and Pechanga Resort Casino); gyms (Equinox); ticketing platforms (Eventbrite); and cryptocurrency exchanges (Coinbase).

Clearview’s focus on law enforcement would suggest that other companies would find similar security uses, such as identifying shoplifters in stores and potential trouble-makers at basketball games. But this could quickly lead to the unconsented profiling of innocent consumers and passersby.

Clearview’s system, the company says, is “an after-the-fact research tool. Clearview is not a surveillance system and is not built like one. For example, analysts upload images from crime scenes and compare them to publicly available images.”

In doing so, it says, it has the power to help its clients, which include police departments, ICE, Macy’s, Walmart, and the FBI, says a recent Buzzfeed report to stop criminals: “Clearview helps to identify child molesters, murderers, suspected terrorists, and other dangerous people quickly, accurately, and reliably to keep our families and communities safe.”

Clearview AI hit the news recently when the New York Times detailed how the company’s facial recognition program had scraped sources including Facebook and Twitter to build its massive database. 

If you live in California, under the rules of the newly enacted California Consumer Privacy Act, you can see what Clearview has gathered on you, and request that they stop it.

Buzzfeed:      Coindesk:     The Next Web:       Forbes:    

You Might Also Read:

AI Will Find You In The Crowd:

 

« The Hot Jobs In Cyber Security & How To Get One
Cyber Criminals Target UK Motorists »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ISTQB

ISTQB

ISTQB has defined the "ISTQB Certified Tester" scheme that has become the world-wide leader in the certification of competences in software testing.

Adeptis Group

Adeptis Group

Adeptis are experts in cyber security recruitment, providing bespoke staffing solutions to safeguard your organisation against ever-changing cyber threats.

RedSeal

RedSeal

RedSeal’s network modeling and risk scoring platform is the foundation for enabling enterprise networks to be resilient to cyber events.

Cask Government Services

Cask Government Services

Cask Government Services focuses on program management, cybersecurity, logistics, business analysis and engineering services for Federal, State and Local Government.

Aporeto

Aporeto

The Aporeto platform protects cloud applications from attack by authenticating and authorizing all communications with a cryptographically signed identity assigned to every workload.

Vilnius Tech Park

Vilnius Tech Park

The region‘s most complex and integrated ICT hub, Vilnius Tech Park aims to attract and unite innovative talent from big data, cyber security, smart solutions, fintech and digital design.

Titans24

Titans24

Titans24 is a Software-as-a-Service security platform for web applications. It prevents attacks on business websites that are protected under 11 cyber-security layers.

Global Accelerator Network (GAN)

Global Accelerator Network (GAN)

Global Accelerator Network are a highly curated community of independent Accelerators, Partners and Investors.

TechDemocracy

TechDemocracy

TechDemocracy are a trusted, global cyber risk assurance solutions provider whose DNA is rooted in cyber advisory, managed and implementation services.

Vantea SMART

Vantea SMART

Vantea SMART have decades of experience in cybersecurity resulting in an approach of proactive prevention - Security by Design and by Default.

Noblis

Noblis

Noblis is a dynamic science, technology, and strategy organization dedicated to creating forward-thinking technical and advisory solutions in the public interest.

European Center for CyberSecurity in Aviation (ECCSA)

European Center for CyberSecurity in Aviation (ECCSA)

ECCSA is a cooperative partnership within the aviation community to better understand emerging cybersecurity risks in aviation and provide collective support in dealing with cybersecurity incidents.

NetTech

NetTech

NetTech’s Managed CyberSecurity and Compliance/HIPAA services are designed to help your company prevent security breaches and quickly remediate events if they do happen to occur.

Distology

Distology

Distology are an award-winning cloud security distributor bringing a wealth of experience and strong relationships with a huge breadth of partners covering the UK, Ireland and Benelux.

NORMA Cyber

NORMA Cyber

NORMA Cyber delivers centralised cyber security services to Norwegian shipowners and other entities within the Norwegian maritime sector.

TetherView

TetherView

TetherView provides leading virtual desktop and email security technology to help businesses stand up and manage digital workspaces.