A group of hackers bought biometric capture devices on eBay to see if they could find biometrics from people assisting the US military, and according to them, that’s exactly what they found Yahoo News.
When a group called Chaos Computer Clubaka CCC (the self-proclaimed “largest coalition of hackers” in Europe), read a story from 2021 the interception about the Taliban’s seizure of biometric devices, they wanted to see how easy it was to get the data or if it existed.
The devices, dubbed Handheld Interagency Identity Detection Equipment (HIIDE), were “used as a biometric ID tool to help identify locals working for the coalition,” a military contractor told the Intercept.
When the CCC found the devices listed on eBay, the group bought six, most of them under €200. A device bought for just $68 had the names, nationalities, photos, fingerprints and iris scans of 2,632 people. Most of the people identified on the device’s memory card came from Afghanistan and Iraq The New York Times.
Another device used in Jordan in 2013 contained fingerprints and iris scans of US soldiers. The New York Times confirmed with one of the people whose data was on the machine it was likely his, a Naval Intelligence specialist, who said his data was likely collected during a training course.
Another legally obtained device, called the Secure Electronic Enrollment Kit (SEEK II), contained data collected at “prison facilities, on patrols, during screening of local employees, and after the explosion of an improvised bomb.”
“It was disturbing that they didn’t even try to protect the data,” said one of the buyers, named Matthias Marx, of the files’ lack of encryption.
“They didn’t care about the risk, or they ignored the risk,” he continued.
The Department of Defense, of course, recommends that some or all devices containing such sensitive data be returned to authorities.
“Because we have not verified the information contained on the devices, the Department is unable to confirm the authenticity of the alleged data or otherwise comment,” said Brigadier General Patrick S. Ryder, Defense Department spokesman.
After analyzing the data and presenting the results at a German hacking eventAccording to the New York Times, the group says it will delete all sensitive data.
https://www.theblaze.com/news/researchers-find-biometric-info-soldiers Hackers are buying biometrics from US soldiers and allies on eBay