Iris scans, fingerprints, and photos of over 2,600 people were found unencrypted and protected by a default password.
Old US military equipment being sold on eBay contained what appears to be biometric data from troops, known terrorists, and people who may have worked with American forces in Afghanistan and other countries in the Middle East, according to a report from The New York Times. The devices were purchased by a group of hackers, who found fingerprints, iris scans, peoples’ pictures, and descriptions, all unencrypted and protected by a “well-documented” default password. In a blog post, the hackers called getting at the sensitive data “downright boring,” given how easy it was to read, copy, and analyze.