[BreachExchange] Clearview AI loses entire database of faceprint-buying clients to hackers

[Richard Forno]

Clearview AI loses entire database of faceprint-buying clients to hackers
by Lisa Vaas

Clearview AI, the controversial facial recognition startup that’s gobbled up more than three billion of our photos by scraping social  media sites and any other publicly accessible nook and cranny it can find, has lost its entire list of clients to hackers – including details about its many law enforcement clients.

In a notification that The Daily Beast reviewed, the company told its customers that an intruder “gained unauthorized access” to its list of customers, to the number of user accounts they’ve set up, and to the number of searches they’ve run.

The disclosure also claimed that Clearview’s servers hadn’t been breached and that there was “no compromise of Clearview’s systems or network.” The company said that it’s patched the unspecified hole that let the intruder in, and that whoever it was didn’t manage to get their hands on customers’ search histories.

Tor Ekeland, an attorney for Clearview, sent a statement to news outlets saying that breaches are just a fact of life nowadays:

Security is Clearview’s top priority. Unfortunately, data breaches are part of life in the 21st century. Our servers were never accessed. We patched the flaw, and continue to work to strengthen our security.

< - >

https://nakedsecurity.sophos.com/2020/02/28/clearview-ai-loses-entire-database-of-faceprint-buying-clients-to-hackers/