"They didn’t care about the risk, or they ignored the risk," said Marx. The data was on a memory card, so it would have been trivially easy to dispose of the data before selling the biometric scanners. Andy MacLennan, biometric trainer for Booz Allen. Marx expressed surprise that the US military didn't even attempt to protect the data. The HIIDE provides the BAT with wireless biometrics verification and in some cases a collection capability by storing up to 22 thousand profiles. Most of the records were from Kandahar, Afghanistan in the summer of 2012, but a second device had fingerprints and iris scans of US military personnel who were stationed in Jordan in 2013. It contained the names, national origins, photographs, fingerprints and iris scans of 2,632 people. According to a report in the New York Times, the Chaos Computer Club, which has a history of digging into biometrics, discovered the memory card on one of its purchased HIIDE devices had not been erased. A HIIDE collects fingerprints, iris scans, and photographs for facial recognition, and it stores that data on a memory card. The devices, known as Handheld Interagency Identity Detection Equipment (HIIDE), are designed to guarantee accurate identification of a person, even if their appearance has dramatically changed. They purchased a few military surplus biometric scanners on eBay to discover that, yes, they had purchased the biometric data of thousands of individuals. A group of researchers in Germany called the Chaos Computer Club, led by Matthias Marx, wondered if it was really that easy to get highly classified military data. In 2021, The Intercept reported that the Taliban had seized biometric devices left behind by the US military in Afghanistan, giving them identifiable information on those who worked with American forces.
0 Comments
Leave a Reply. |