"On top of finding it surprisingly easy to access data gathered by Persona, the research showed that faces and biometrics were not just being scanned for age verification, but flagged for suspicious behaviour and bounced off watchlists as well. To some this may not sound like an Orwellian level of intrusion (or to people who don't worry about their face being deemed 'suspicious'), until you remember Persona's full network."
"Last week, Discord users reported prompts to submit personal information to Persona , a third-party age-verification service. As Discord commits to universal age-verification, the new measures have come under intense scrutiny after previous security failures . Now a trio of hacktivists say they've successfully breached Persona, getting a closer look at how the company uses submitted biometrics. They say their findings raise alarms beyond leaks."
Discord prompted users to submit personal information to Persona for age verification, prompting scrutiny due to Persona's past security failures. Hacktivists breached Persona's systems and accessed stored biometric and facial-scan data. The breach showed biometrics were used beyond age checks: faces were flagged for suspicious behavior and compared against watchlists. The investigation revealed weak front-end security and broader surveillance across commercial AI and federal operations. Persona received $150 million in 2021 from Founders Fund, linking the service into a larger data ecosystem associated with Peter Thiel and Palantir. The compromise raises urgent privacy and oversight concerns for universal age verification.
Read at Kotaku
Unable to calculate read time
Collection
[
|
...
]