Facial Recognition Company Hacked

Uploaded on 2020-03-11 in TECHNOLOGY--Developments, GOVERNMENT-Law Enforcement, FREE TO VIEW

Clearview AI, that works with the US law enforcement community with its facial recognition software, has had a hacker exploit a security flaw and steal its entire client list. The company , whose database has collected over 3 billion photos has suffered a data breach. 

The data stolen in the hack included the firm’s entire customer list, which will include multiple law enforcement agencies, along with information such as the number of searches they had made and how many accounts they’d set up. Clearview AI say the huge database of images was not part of the breach.
 
The exact nature and source of the breach remains unknown at this time. The company says it’s patched the vulnerability and insists its servers were not accessed. Based on the sensitive nature of its work, there’s plenty of reason for concern. Clearview says it works with law enforcement agencies and the company claims that not only does its clientele include hundreds of police stations, it also services the FBI and DHS. A leaked list of Clearview AI’s clients shows that the controversial company’s facial recognition software has spread way beyond law enforcement, into household names. 

Clearview claims to have scraped more than three billion images from websites and social media platforms into a database that police can use to match with photos of suspects.

They include retailers (Walmart, Kohl’s, BestBuy and Macy’s); banks (Wells Fargo and Bank of America), sports leagues (the NBA); entertainment venues (Madison Square Garden), mobile carriers (AT&T, Verizon, and T-Mobile); casinos (Las Vegas Sands and Pechanga Resort Casino); gyms (Equinox); ticketing platforms (Eventbrite); and cryptocurrency exchanges (Coinbase).

Clearview’s focus on law enforcement would suggest that other companies would find similar security uses, such as identifying shoplifters in stores and potential trouble-makers at basketball games. But this could quickly lead to the unconsented profiling of innocent consumers and passersby.

Clearview’s system, the company says, is “an after-the-fact research tool. Clearview is not a surveillance system and is not built like one. For example, analysts upload images from crime scenes and compare them to publicly available images.”

In doing so, it says, it has the power to help its clients, which include police departments, ICE, Macy’s, Walmart, and the FBI, says a recent Buzzfeed report to stop criminals: “Clearview helps to identify child molesters, murderers, suspected terrorists, and other dangerous people quickly, accurately, and reliably to keep our families and communities safe.”

Clearview AI hit the news recently when the New York Times detailed how the company’s facial recognition program had scraped sources including Facebook and Twitter to build its massive database. 

If you live in California, under the rules of the newly enacted California Consumer Privacy Act, you can see what Clearview has gathered on you, and request that they stop it.

Buzzfeed:      Coindesk:     The Next Web:       Forbes:    

You Might Also Read:

AI Will Find You In The Crowd:

 

« The Hot Jobs In Cyber Security & How To Get One
Cyber Criminals Target UK Motorists »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Bsquare

Bsquare

Bsquare DataV software and engineering services help enterprises implement business-focused Internet of Things systems.

OSSEC

OSSEC

OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS).

Cervello

Cervello

Cervello is a leading provider of comprehensive and proven solutions to protect railways against cyber attacks.

African Cyber Security

African Cyber Security

African Cyber Security and it's partners, have the expertise and skills to provide holistic solutions for companies, institutions and government.

Sollensys

Sollensys

Sollensys is a leader in commercial blockchain applications. Our flagship product, The Blockchain Archive Server™ is the best defense against the devastating financial loss that ransomware causes.

6clicks

6clicks

6clicks is an easy way to implement your risk and compliance program or achieve compliance with ISO 27001, SOC 2, PCI-DSS, HIPAA, NIST, FedRAMP and many other standards.

The CyberWire

The CyberWire

The CyberWire gets people up to speed on cyber quickly and keeps them a step ahead in a continually changing industry.

Tarlogic

Tarlogic

Tarlogic works to protect and defend your security with the highest quality technical team with next generation solutions to achieve the best protection.

Davinsi Labs

Davinsi Labs

Davinsi Labs helps companies achieve Digital Service Excellence with specialized Security Intelligence and Service Intelligence solutions.

Port443

Port443

Port443 specialises in providing Security Orchestration, Automation and Remediation (SOAR) "as a service".

Astute Technology Management

Astute Technology Management

Astute Technology Management helps businesses take control of their technology and work with greater confidence.

Cyviation

Cyviation

Cyviation's mission is to mitigate ever-growing and menacing Cyber Security threats, focusing on aircraft, airlines and airports.

QANplatform

QANplatform

QANplatform is a Quantum-resistant hybrid blockchain platform.

AirMDR

AirMDR

Designed by experts, AirMDR solutions cater to the unique demands of security operations centers.

AmiViz

AmiViz

AmiViz is the first B2B enterprise marketplace focussed on Cybersecurity business in the Middle East and Africa, designed specially to serve the interests of enterprise resellers and vendors.

Anthropic

Anthropic

Anthropic is a Public Benefit Corporation, whose purpose is the responsible development and maintenance of advanced AI for the long-term benefit of humanity.