Security lapse exposed a Chinese smart city surveillance system – TechCrunch

What happened: A security researcher has found an unprotected smart city database containing hundreds of facial recognition scans from Beijing’s diplomatic district, Liangmaqiao. The database was hosted by Chinese public cloud provider Alibaba Cloud and went unprotected for weeks, according to TechCrunch. The system contained information relating to people’s movements, their ethnicities, and whether they were of interest or wanted by the police. The database also included names and ID numbers. It is unclear who owns the database and corresponding surveillance system.

Why it’s important: The incident is the latest in a slew of open databases being found containing sensitive personal information gleaned from surveillance systems around the country. One such database, discovered by Dutch security researcher Victor Gevers, included information about internet cafe goers, including social media and messaging data, as well as names and ID numbers. With the ubiquity of surveillance and smart city systems come risks of hacks and data leaks. However, recent incidents show that incompetence is the greatest danger, with sensitive information being left in the open without adequate protection.

Start your free trial now.

Get instant access to all our premium content, archives, newsletters, and online community.

Monthly Membership

Yearly Membership

What you get

Full access to all premium content and our full archives

Members'-only newsletters

Preferential access and discounts to all TechNode events

Direct access to the TechNode newsroom

Start your free trial now.

Get instant access to all our premium content, archives, newsletters, and online community.

Monthly Membership

Yearly Membership

Chris Udemans

Christopher Udemans is a Shanghai-based data and graphics reporter. He covers Chinese artificial intelligence, mobility, and cybersecurity. You can contact him at chrisudemans [at] technode [dot] com.