Security researchers at VPNMentor say they gained access to 27.8 million records and 23 GB of data, including unencrypted fingerprint data, logs of facility access, security levels and clearance, and personal details of staff, after penetrating a poorly configured database of biometric security platform Biostar 2. The white hats, Noam Rotem and Ran Locar, say they got a “mumbled” response when they tried to disclose the vulnerability by phone, no response to emails and failed to reach owner Suprema’s GDPR compliance officer.

Read full article on CBR – CyberSecurity News