According to a report from The New York Times, German investigators who bought biometric recording devices on eBay discovered US private military information on their memory cards.
Said to have come from Iraq and Afghanistan, this dataset contained names, fingerprints, iris scans, photographs, names and other details of certain individuals.
(Photo: Chris Hondros/Getty Images)
DAND DISTRICT, KANDAHAR PROVINCE – JUNE 14: A US Army soldier in the 1-71 Cavalry scans the eye of a member of the Afghan National Police for identification purposes with a handheld biometric device June 14, 2010 in rural Dand District, just north of south of Kandahar, Afghanistan.
Chaos computer club
According to the report, several of them worked with the US military and could be targeted if the gadgets end up in the wrong hands.
Six of the gadgets were purchased on eBay by the Chaos Computer Club, a team of academics led by Matthias Marx, for an average price of less than $200.
They were motivated by a 2021 The Intercept report claiming that the Taliban had taken similar US military biometric equipment.
The team sought to determine whether they contained information about those who supported the US military that could put them at risk.
They discovered photos, iris scans, names, nationalities and fingerprints of 2,632 people on one of the gadget’s memory cards.
The team said it was used in the summer of 2012 near Kandahar, Afghanistan, based on additional metadata.
Another gadget, used in Jordan in 2013, contained fingerprints and iris scans of a small number of US military personnel.
According to a 2011 handbook, the gadgets were used to locate rebels, confirm access of local and foreign nationals to U.S. bases, and link individuals to incidents.
Marx said he was disturbed that the US military allegedly failed to protect data.
Read also: Pentagon awards $9 billion contracts to Google, Amazon, Oracle and Microsoft to build cloud computing network for US military
One device was bought at a military auction and the seller said they had no idea it contained private information. According to the researchers, the US military could have mitigated the risk by simply removing the memory cards before selling them, because the private data was on them.
“Because we have not reviewed the information on the devices, the department cannot confirm the authenticity of the alleged data or otherwise comment on it,” said Defense Department press secretary Brig. General Patrick S. Ryder said in an interview with NYT.
The department is now asking anyone who handles a device containing personally identifiable information to return it to them for further investigation.
The team plans to delete any personally identifiable information discovered on the devices due to the sensitivity of the data. The US government, according to one of the researchers, should grant asylum to anyone found on such gadgets, even if they have replaced their identity with a new one.
Related article: The US military will use “high-altitude hot air balloons” to prevent hypersonic missiles against China and Russia
ⓒ 2022 TECHTIMES.com All rights reserved. Do not reproduce without permission.