
Millions of unhashed fingerprints discovered on unsecured Elasticsearch DB - farukx
https://techerati.com/news-hub/biometrics-data-police-breach-cyber/
======
morrbo
This is EXACTLY the type of thing GDPR was designed to enforce. (Other than
uninformed tracking) pretty much this exact scenario. I hope the company gets
fined to the fullest extent, as this absolutely shameful. The researchers
attempting to contact 3 branches, with 2 turning them away/ignoring their
emails is just the icing on the cake.

~~~
tyingq
And plaintext passwords stored as well, on purpose, for auth...not
accidentally in log files.

