The facial recognition company Clearview AI is informing customers that a hacker stole its entire client list.
Clearview AI gained unwanted notoriety earlier this year when it was disclosed that the company was obtaining billions of photos by scraping the internet for use by law enforcement agencies. Now the company has sent a notification to its customer base saying someone gained access to its customer list learning the number of user accounts created and to the number of searches conducted by its customers, The Daily Beast reported.
This revelation may also lead to additional negative scrutiny of both the company and possibly local police departments if the list of agencies involved is made public, an act Forrester Research senior analyst Kjell Carlsson believes will happen.
“There is a high likelihood that Clearview’s client list will get into the hands of the public, with people in cities across the globe finding out that their local law enforcement agencies were testing or using Clearview, prompting a public backlash similar to what we’ve already seen when it comes to Clearview being used in the London Metropolitan Police," he said.
While Carlosson does think public anger may slowdown adoption of facial recognition software by these agencies, it will not stop its implementation. It is simply to effective and useful , he said.
Clearview AI is claiming the vulnerability has been patched and that its system and network were not involved in the breach.
“Although this breach didn’t involve customer data, with such a high profile company, it's important to keep your data private and secure. Any breach, regardless of what data was leaked, is likely to have lasting impact, and this holds true for something as sensitive as a client list for a controversial company like Clearview AI,” said Brian Warehime, principal threat researcher at ZeroFOX.