For Sale on eBay: A Military Database of Fingerprints and Iris Scans

https://www.nytimes.com/2022/12/27/technology/for-sale-on-ebay-a-military-database-of-fingerprints-and-iris-scans.html

No paywall
https://archive.vn/8nAEc

The shoebox-shaped device, designed to capture fingerprints and perform iris scans, was listed on eBay for $149.95. A German security researcher, Matthias Marx, successfully offered $68, and when it arrived at his home in Hamburg in August, the rugged, hand-held machine contained more than what was promised in the listing.

The device’s memory card held the names, nationalities, photographs, fingerprints and iris scans of 2,632 people.

Most people in the database, which was reviewed by The New York Times, were from Afghanistan and Iraq. Many were known terrorists and wanted individuals, but others appeared to be people who had worked with the U.S. government or simply been stopped at checkpoints. Metadata on the device, called a Secure Electronic Enrollment Kit, or SEEK II, revealed that it had last been used in the summer of 2012 near Kandahar, Afghanistan.

The device — a relic of the vast biometric collection system the Pentagon built in the years after the Sept. 11, 2001, attacks — is a physical reminder that although the United States has moved on from the wars in Afghanistan and Iraq, the tools built to fight them and the information they held live on in ways unintended by their creators.

Exactly how the device ended up going from the battlefields in Asia to an online auction site is unclear. But the data, which offers detailed descriptions of individuals in addition to their photograph and biometric data, could be enough to target people who were previously unknown to have worked with U.S. military forces should the information fall into the wrong hands.

*snip*