Facial Images, Fingerprints Compromised in Police Data Leak

facial images, data collection, exposed database, cybersecurity

Thousands of facial images and other biometric data were found in a compromised database.

  • The database had over 1.6 million documents, including fingerprints, facial images, and other personal information.
  • A significant number of data belonged to police officers and military personnel in India.

Thousands of fingerprints and facial images linked to police officers in India have been exposed online, emphasizing the increasing collection of biometric data.

Cybersecurity researcher, Jeremiah Fowler, told WIRED that he found an exposed web server linked to ThoughtGreen Technologies. It’s an IT development and outsourcing firm with offices in India, Australia, and the United States.

Buried in almost 500 gigabytes of data, he discovered a non-password database containing over 1.6 million documents, including personal information, such as fingerprints, facial scan images, signatures, and details of tattoos and scars on individuals’ bodies. The exposed database also contained birth certificates, diplomas, education certificates, and job applications.

Some of the documents were verification documents that were seemingly linked to Indian law enforcement or military personnel. To be exact, 284,535 files were labeled ‘Physical Efficiency Tests’ and related to police staff.

In his report on WebsitePlanet, Fowler also detailed how he found “several mobile applications and installation files compressed in .zip format.”

One of them was named “Facial Software Installation,” while others “stored images and documents presumably captured and transmitted through the application.”

If this exposed data were to land in cybercriminals or fraudsters’ hands, thousands would fall victim to identity theft, financial fraud, and other troubling consequences. As Fowler puts it, “You can change your name, you can change your bank information, but you can’t change your actual biometrics.”

While this is concerning on an individual level, the broader implications are much more worrisome. In the last decade or so, we’ve seen governments go out of their way to collect data on citizens and foreigners alike, starting with the United States after the 9/11 tragedy.

Over time, big tech companies became one of the major contributors to data collection. Some even collected facial images to train their software, which they then supplied to governments. The authorities then used the systems to enforce the law, even if the model was plagued with bias.

But we’ve become so accustomed to it that we often don’t notice this symbiotic relationship happening. These tech companies kept requesting more and more data from us under the guise of improving their offering. In actuality, they ever so slowly and meticulously enabled the creation of surveillance states. They’ve made totalitarianism disguised as Democracy trendy.

They are supplying governments with the needed information to manipulate their people like puppets. If this goes on any longer, Orwell’s 1984 will become a premonition rather than a cautionary dystopian novel.

Inside Telecom provides you with an extensive list of content covering all aspects of the tech industry. Keep an eye on our Cybersecurity sections to stay informed and up-to-date with our daily articles.