Facial recognition startup, Clearview AI, works with approximately 600 law enforcement agencies across North America. So, you would assume that Clearview has robust security.
However, according to The Daily Beast, some intruder was able to gain “unauthorized access” to its entire list of customers.
The notification sent by Clearview AI to its customers said that the intruder knows precisely how many accounts are set up by each customer, and the number of searches conducted by them.
Clearview’s database, which was built by accessing public photos from Facebook, Instagram, YouTube, and Venmo, has over 3 billion images. But fortunately, the intruder wasn’t able to access the database of those images.
Tor Ekeland, an attorney for Clearview AI, said that the company always prioritizes security and they instantly patched the vulnerability.
“Security is Clearview’s top priority. Unfortunately, data breaches are part of life in the 21st century. Our servers were never accessed. We patched the flaw and continue to work to strengthen our security,” said Tor Ekeland to The Daily Beast.
In the notification, Clearview AI did not describe the breach as a hack. Also, the facial recognition startup said that there was “no compromise of Clearview’s systems or network.”
However, David Forscey, the managing director of the no-profit Aspen Cybersecurity Group, thinks that the breach is concerning.
Forscey said that “as a law enforcement agency,” you would expect a service provider like Clearview AI “to have good security, and it seems like they don’t.”