Menu Close

Website of biometric ‘homeless management system’ provider hacked

The website of Odin Intelligence, a provider of technology that includes face biometrics to law enforcement and emergency services, has been defaced by unidentified hackers on Sunday.

The hack, reported by TechCrunch, follows a Wired report last week suggesting that an app developed by the company, SweepWizard, had a critical security vulnerability that enabled attackers to access the personal information of police suspects and sensitive details of upcoming police operations.

The data breach comes almost a year after reports first detailed the company’s ‘Homeless Management Information System’ that provides face biometrics to enable law enforcement to identify homeless people.

“It appears that previous controversy and the current dismissive attitude toward a reported vulnerability was the catalyst to drive this defacement,” Erich Kron, security awareness advocate at KnowBe4, tells Biometric Update in an email.

“In addition, it appears that significant amounts of data were also exfiltrated, a common tactic in both the general cybercriminal and ransomware actors playbook.”

In fact, according to TechCrunch, more than 16GB of data was stolen from Odin’s organization, including sex offenders’ data and information related to the SweepWizard app.

“Organizations that deal in sensitive information, whether it’s law enforcement-related or more typical data, need to take cybersecurity very seriously,” Kron adds. “This is especially true when a potentially significant vulnerability is reported to the organization.”

The Odin Intelligence website was taken offline following the hack and remains inactive at the time of writing. The website of Odin Intelligence, a provider of technology that includes face biometrics to law enforcement and emergency services, has been defaced by unidentified hackers on Sunday.

The hack, reported by TechCrunch, follows a Wired report last week suggesting that an app developed by the company, SweepWizard, had a critical security vulnerability that enabled attackers to access the personal information of police suspects and sensitive details of upcoming police operations.

The data breach comes almost a year after reports first detailed the company’s ‘Homeless Management Information System’ that provides face biometrics to enable law enforcement to identify homeless people.

“It appears that previous controversy and the current dismissive attitude toward a reported vulnerability was the catalyst to drive this defacement,” Erich Kron, security awareness advocate at KnowBe4, tells Biometric Update in an email.

“In addition, it appears that significant amounts of data were also exfiltrated, a common tactic in both the general cybercriminal and ransomware actors playbook.”

In fact, according to TechCrunch, more than 16GB of data was stolen from Odin’s organization, including sex offenders’ data and information related to the SweepWizard app.

“Organizations that deal in sensitive information, whether it’s law enforcement-related or more typical data, need to take cybersecurity very seriously,” Kron adds. “This is especially true when a potentially significant vulnerability is reported to the organization.”

The Odin Intelligence website was taken offline following the hack and remains inactive at the time of writing.  Read More   

Generated by Feedzy

Disclaimer

Innov8 is owned and operated by Rolling Rock Ventures. The information on this website is for general information purposes only. Any information obtained from this website should be reviewed with appropriate parties if there is any concern about the details reported herein. Innov8 is not responsible for its contents, accuracies, and any inaccuracies. Nothing on this site should be construed as professional advice for any individual or situation. This website includes information and content from external sites that is attributed accordingly and is not the intellectual property of Innov8. All feeds ("RSS Feed") and/or their contents contain material which is derived in whole or in part from material supplied by third parties and is protected by national and international copyright and trademark laws. The Site processes all information automatically using automated software without any human intervention or screening. Therefore, the Site is not responsible for any (part) of this content. The copyright of the feeds', including pictures and graphics, and its content belongs to its author or publisher.  Views and statements expressed in the content do not necessarily reflect those of Innov8 or its staff. Care and due diligence has been taken to maintain the accuracy of the information provided on this website. However, neither Innov8 nor the owners, attorneys, management, editorial team or any writers or employees are responsible for its content, errors or any consequences arising from use of the information provided on this website. The Site may modify, suspend, or discontinue any aspect of the RSS Feed at any time, including, without limitation, the availability of any Site content.  The User agrees that all RSS Feeds and news articles are for personal use only and that the User may not resell, lease, license, assign, redistribute or otherwise transfer any portion of the RSS Feed without attribution to the Site and to its originating author. The Site does not represent or warrant that every action taken with regard to your account and related activities in connection with the RSS Feed, including, without limitation, the Site Content, will be lawful in any particular jurisdiction. It is incumbent upon the user to know the laws that pertain to you in your jurisdiction and act lawfully at all times when using the RSS Feed, including, without limitation, the Site Content.  

Close Bitnami banner
Bitnami