Suprema rejects biometic leak report
21 August 2019 15:12 GMT

South Korea-headquartered Suprema  has played down reports its software exposed "a million" fingerprints, making them vulnerable to hackers on the web.

"We were made aware some BioStar 2 customer data was accessed by third-party security researchers without authorization for a limited period of time. There are no indications that the data was downloaded during the incident based on the investigation to date.

"Please rest assured that this incident relates to a limited number of BioStar 2 Cloud API users. The vast majority of Suprema customers do not use BioStar 2 Cloud API in their access control and time management solutions." 

"We launched an internal investigation and immediately closed the access point. We also engaged a leading global forensics firm to conduct an in-depth investigation into the incident. Based on their investigation to date, they have confirmed that no further access has occurred and that the scope of potentially affected users is significantly less than recent public speculation."

The firm adds that it is currently in the process of identifying potentially affected parties and engaging the relevant authorities and regulators.