Mar 05, 2020, 16:47 pm
Clearview AI, which contracts with law enforcement after reportedly scraping 3 billion images from the web, now says someone got “unauthorized access” to its list of customers.
The company reported that an intruder stole its entire client list, according to a notification the company sent to its customers.
In the notification, the startup disclosed to its customers that an intruder “gained unauthorized access” to its list of customers, to the number of user accounts those customers had set up, and to the number of searches its customers have conducted. The notification said the company’s servers were not breached and that there was “no compromise of Clearview’s systems or network.” The company also said it fixed the vulnerability and that the intruder did not obtain any law-enforcement agencies’ search histories.
The firm drew national attention when The New York Times ran a front-page story about its work with law-enforcement agencies. The Times reported that the company scraped 3 billion images from the internet, including from Facebook, YouTube, and Venmo. That process violated Facebook’s terms of service, according to the paper. It also created a resource that drew the attention of hundreds of law-enforcement agencies, including the FBI and the Department of Homeland Security, according to that report.
The notification did not describe the breach as a hack. David Forscey, the managing director of the no-profit Aspen Cybersecurity Group, said the breach is concerning.
https://www.thedailybeast.com/clearview-...was-stolen
https://www.nytimes.com/2020/01/18/techn...Position=1
The company reported that an intruder stole its entire client list, according to a notification the company sent to its customers.
In the notification, the startup disclosed to its customers that an intruder “gained unauthorized access” to its list of customers, to the number of user accounts those customers had set up, and to the number of searches its customers have conducted. The notification said the company’s servers were not breached and that there was “no compromise of Clearview’s systems or network.” The company also said it fixed the vulnerability and that the intruder did not obtain any law-enforcement agencies’ search histories.
The firm drew national attention when The New York Times ran a front-page story about its work with law-enforcement agencies. The Times reported that the company scraped 3 billion images from the internet, including from Facebook, YouTube, and Venmo. That process violated Facebook’s terms of service, according to the paper. It also created a resource that drew the attention of hundreds of law-enforcement agencies, including the FBI and the Department of Homeland Security, according to that report.
The notification did not describe the breach as a hack. David Forscey, the managing director of the no-profit Aspen Cybersecurity Group, said the breach is concerning.
Quote:“If you’re a law-enforcement agency, it’s a big deal, because you depend on Clearview as a service provider to have good security, and it seems like they don’t,” Forscey said.
https://www.thedailybeast.com/clearview-...was-stolen
https://www.nytimes.com/2020/01/18/techn...Position=1