In addition to the images themselves, the hackers gained access to Clearview’s customer list. This included the number of accounts each customer has on file and the number of searches each customer made against the image database.
Clearview has already sent a notification out to their clients, which read in part as follows:
“Security is Clearview’s top priority. Unfortunately, data breaches are part of life in the 21st century. Our servers were never accessed. We patched the flaw and continue to work to strengthen our security.”
Clearview’s business model has gotten it into some trouble since they first started. The company is in the habit of scraping images from big-name sites around the web, many of which have issued cease and desist orders against the firm. Although the company has complied with these orders, they did not return the images scraped. That allowed them to very quickly compile a database of unprecedented size, scope and scale.
Unfortunately, their massive database has also made them a tempting target. It’s really no surprise that hackers made the attempt and that ultimately, that attempt succeeded.
Clearview’s security practices are quite good and the company has a number of built in safeguards to protect the integrity of the data they collect. Clearly though, the hackers have the upper hand here, a fact which is not likely to change anytime soon. Given that, we can expect to see more attacks like this going forward and the potential damage could be catastrophic, given who this company’s customers are.