#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

biometric data | Breaking Cybersecurity News | The Hacker News

Category — biometric data
Google Pays $1.375 Billion to Texas Over Unauthorized Tracking and Biometric Data Collection

Google Pays $1.375 Billion to Texas Over Unauthorized Tracking and Biometric Data Collection

May 10, 2025 Biometric Data / Privacy
Google has agreed to pay the U.S. state of Texas nearly $1.4 billion to settle two lawsuits that accused the company of tracking users' personal location and maintaining their facial recognition data without consent. The $1.375 billion payment dwarfs the fines the tech giant has paid to settle similar lawsuits brought by other U.S. states. In November 2022, it paid $391 million to a group of 40 states. In January 2023, it paid $29.5 million to Indiana and Washington. Later that September, it forked out another $93 million to settle with California. The case, originally filed in 2022, related to unlawful tracking and collection of user data, regarding geolocation , incognito searches , and biometric data , tracking users' whereabouts even when the Location History setting was disabled and collecting the biometric data without informed consent. "For years, Google secretly tracked people's movements, private searches, and even their voiceprints and facial geometry...
New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy

New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy

Dec 31, 2025 Data Security / Privacy
The U.S. Department of Justice (DoJ) has issued a final rule carrying out Executive Order (EO) 14117, which prevents mass transfer of citizens' personal data to countries of concern such as China (including Hong Kong and Macau), Cuba, Iran, North Korea, Russia, and Venezuela. "This final rule is a crucial step forward in addressing the extraordinary national security threat posed of our adversaries exploiting Americans' most sensitive personal data," said Assistant Attorney General Matthew G. Olsen of the Justice Department's National Security Division. "This powerful new national-security program is designed to ensure that Americans' personal data is no longer permitted to be sold to hostile foreign powers, whether through outright purchase or other means of commercial access." Back in February 2024, U.S. President Joe Biden signed an executive order to address the national security risk posed by unauthorized access to Americans' sensitiv...
Entra ID Data Protection: Essential or Overkill?

Entra ID Data Protection: Essential or Overkill?

May 06, 2025SaaS Security / Identity Management
Microsoft Entra ID (formerly Azure Active Directory) is the backbone of modern identity management, enabling secure access to the applications, data, and services your business relies on. As hybrid work and cloud adoption accelerate, Entra ID plays an even more central role — managing authentication, enforcing policy, and connecting users across distributed environments. That prominence also makes it a prime target. Microsoft reports over 600 million attacks on Entra ID every day. These aren't just random attempts, but include coordinated, persistent, and increasingly automated campaigns designed to exploit even small vulnerabilities. Which brings us to the core question: Are Entra ID's native protections enough? Where do they fall short — and what steps should you take to close the gaps and ensure you're covered? Understanding Entra ID At its core, Microsoft Entra ID is your enterprise identity and access management system. It defines how users prove who they are, what resources...
Researchers Uncover Novel Way to De-anonymize Device IDs to Users' Biometrics

Researchers Uncover Novel Way to De-anonymize Device IDs to Users' Biometrics

Apr 28, 2020
Researchers have uncovered a potential means to profile and track online users using a novel approach that combines device identifiers with their biometric information. The details come from a newly published research titled "Nowhere to Hide: Cross-modal Identity Leakage between Biometrics and Devices" by a group of academics from the University of Liverpool, New York University, The Chinese University of Hong Kong, and University at Buffalo SUNY. "Prior studies on identity theft only consider the attack goal for a single type of identity, either for device IDs or biometrics," Chris Xiaoxuan Lu, Assistant Professor at the University of Liverpool, told The Hacker News in an email interview. "The missing part, however, is to explore the feasibility of compromising the two types of identities simultaneously and deeply understand their correlation in multi-modal IoT environments." The researchers presented the findings at the Web Conference 2020 held...
cyber security

The State of GRC 2025: From Cost Center to Strategic Business Driver

websiteDrataGovernance, Risk and Compliance
Drata's report takes a look at how GRC professionals are approaching data protection regulations, AI, and the ability to maintain customer trust.
LPG Gas Company Leaked Details, Aadhaar Numbers of 6.7 Million Indian Customers

LPG Gas Company Leaked Details, Aadhaar Numbers of 6.7 Million Indian Customers

Feb 19, 2019
Why would someone bother to hack a so-called "ultra-secure encrypted database that is being protected behind 13 feet high and 5 feet thick walls," when one can simply fetch a copy of the same data from other sources. French security researcher Baptiste Robert, who goes by the pseudonym "Elliot Alderson" on Twitter, with the help of an Indian researcher, who wants to remain anonymous, discovered that the official website of popular state-owned LPG gas company Indane is leaking personal details of its millions of customers, including their Aadhaar numbers. This is not the first time when an unprotected third-party database has leaked Aadhaar details of Indian citizens, which is a unique number assigned to each citizen as part of India's biometric identity programme maintained by the government's Unique Identification Authority of India (UIDAI). Earlier this week an anonymous Indian researcher initially discovered a loophole in the Indane's online...
Cardiac Scan Authentication — Your Heart As Your Password

Cardiac Scan Authentication — Your Heart As Your Password

Sep 27, 2017
Forget fingerprint authentication, retinal scanning or advanced facial recognition that has recently been implemented by Apple in its iPhone X—researchers developed a new authentication system that doesn't require any of your interaction, as simply being near your device is more than enough. A group of computer scientists at the University of Buffalo, New York, have developed a new cardiac-scan authentication system that uses your heart's shape and size as a unique biometric to identify and authenticate you. Dubbed Cardiac Scan , the new authentication system makes use of low-level Doppler radar to wirelessly and continuously map out the dimensions of your beating heart, granting you access to your device so long as you're near it. In simple words, your office device should be able to recognise that it is you sitting in front of the computer, and sign you in without any password or interaction, and automatically should log you out if you step away from your compute...
Here's How CIA Spies On Its Intelligence Liaison Partners Around the World

Here's How CIA Spies On Its Intelligence Liaison Partners Around the World

Aug 24, 2017
WikiLeaks has just published another Vault 7 leak, revealing how the CIA spies on their intelligence partners around the world, including FBI, DHS and the NSA, to covertly collect data from their systems. The CIA offers a biometric collection system—with predefined hardware, operating system, and software—to its intelligence liaison partners around the world that helps them voluntary share collected biometric data on their systems with each other. But since no agency share all of its collected biometric data with others, the Office of Technical Services (OTS) within CIA developed a tool to secretly exfiltrate data collections from their systems. Dubbed ExpressLane , the newly revealed CIA project details about the spying software that the CIA agents manually installs as part of a routine upgrade to the Biometric system. The leaked CIA documents reveal that the OTS officers, who maintain biometric collection systems installed at liaison services, visit their premises and se...
Expert Insights Articles Videos
Cybersecurity Resources