Highly sensitive biometric data of over 2,600 Afghans and Iraqis was found on United States’ military devices, bought online by a hackers association called ‘Chaos, Computer, Club’ (CCC). This unprotected biometric database included names, fingerprints, iris scans, DNA, and faces and photographs of people from the two countries, as per CCC. According to The Verge, the devices were bought by the CCC at $68 and were also available on eBay. CCC’s investigation into these devices, reportedly left behind during the hasty withdrawal of NATO troops, highlights that the US military largely relied upon biometric devices to identify and screen people in Afghanistan at checkpoints, patrol points and controlled access to such personal information by local collaborators. The data collection was under ‘Automated Biometric Identification System’ program and was supported by the German armed forces, Bundeswehr, CCC notes in its blog. What did the group find? The CCC members came across several offers at an online auction house for the sale of these devices. They acquired four devices of the type SEEK II (Secure Electronic Enrollment Kit) and two devices of type HIIDE 5 (Handheld Interagency Identity Detection Equipment), which were forensically examined. The CCC found that all storage memory cards of these devices were unencrypted and with a “well-documented standard password” one could access them easily. CCC’s research informs that they were able to read, copy and analyse the data without any difficulty. The devices bought online contained names and biometric data of two US military personnel, GPS coordinates of past…
