AXIOS CHINA Bill Bishop
Dutch security researcher Victor Gevers says he discovered what appears to be a facial recognition database of more than 2.5 million users in the Xinjinag region, exposed online in one of SenseNets' MongoDB databases before it was placed behind a firewall.
Gevers told ZDNet that the database contained information on 2,565,724 users, along with a stream of GPS coordinates that came in at a rapid pace.
The user data wasn't just benign usernames, but highly detailed and highly sensitive information that someone would usually find on an ID card, Gevers said...
The database also contained a list of "trackers" and associated GPS coordinates. Based on the company's website, these trackers appear to be the locations of public cameras from where video had been captured and was being analyzed.
Some of the descriptive names associated with the "trackers" contained terms such as "mosque," "hotel," "police station," "internet cafe," "restaurant," and other places where public cameras would normally be found.
Gevers told ZDNet that these coordinates were all located in China's Xinjiang province, the home of China's Uyghur Muslim minority population.
Why it matters: This is another reminder of the scale of surveillance, and the use of global tools to power that surveillance. The Mongo DB database was developed by NASDAQ-listed MongoDB.