Biometric Information Exposed in Slot Machine Operator Data Breach

The owner of a popular slot machine chain has suffered an extensive data breach in which biometric data has been exposed.

As ZDNet reports, the chain, Dotty’s, has 200 locations across Illinois, Montana, Nevada, and Oregon, and operates an additional assortment of hotels and bars, as well as La Villita Casino. Officially operating under the name Nevada Restaurant Services (NRS), it’s a large organization, with a workforce of about 600 employees.

Now, NRS has revealed that a discovery of malware on its IT systems in January led to the realization that it had been the target of a cyberattack and data breach. The company has not disclosed the full extent of the data breach, but indicated in a statement that various kinds of customer personal identity information (PII) were exposed, including Social Insurance Numbers, state ID and driver’s license data, financial data, health insurance data, credit card information, and biometric data.

The incident offers another example of the perils of storing sensitive customer information, including biometric data, in improperly managed centralized databases, and of the escalating problem of data breaches more broadly, with even the Department of Homeland Security having seen biometric information exposed in a high-profile data breach incident in 2019.

“What business does a slot machine chain named Dotty’s have managing biometrics and PII? This incident is precisely why companies like Nevada Restaurant Services should never be storing or managing customers’ biometric data,” Acuity Market Intelligence principal Maxine Most told FindBiometrics. “It further underlines the serious need for third party Biometric Identity-as-a-Services providers.”

Most participated in the FindBiometrics Enterprise Biometrics Summit last week, wherein she and other industry experts like FaceTec’s Jay Meier, NIST’s Naomi Lefkovitz, and IDEMIA’s Tarvinder Sembhi spoke on the best practices for biometrics, privacy, and identity data management. As the event demonstrated, a growing contingent of experts is emerging within the biometrics and identity industry who assert incidents like the Dotty’s breach can be avoided by interfacing with secured systems of record, like the DMV, rather than entrusting large honeypots of PII and biometric data for companies to manage themselves.

NRS has not disclosed what type of biometric data has been exposed, nor what biometric technology is used within its facilities. But it may be worth noting that a growing number of casino operators have turned to facial recognition to identify banned individuals and to help curb gambling addiction.

In any case, NRS says that it is working to mail out notices to individuals known to be affected by the data breach, and that it “has worked to add further technical safeguards to its environment,” according to a statement from the company.

Related News

Sponsored Links

TECH5 is an international technology company founded by experts from the biometrics industry, which focuses on developing disruptive biometric and digital ID solutions through the application of AI and Machine Learning technologies.

TECH5 target markets include both Government and Private sectors with products powering Civil ID, Digital ID, as well as authentication solutions that deliver identity assurance for various use cases.

Learn more: www.tech5.ai

CMITech is a leading provider of high performance, cost effective iris recognition systems. The company is setting the industry standard for advanced user interfaces that are fast, intuitive and effortless. Serving enrollment and authentication solutions of all sizes, CMITech systems include binoculars-type, wall mount, desktop, and kiosk-type product configurations.

Onfido is building the new identity standard for the internet.Our AI-based technology assesses whether a user’s government-issued ID is genuine or fraudulent, and then compares it against their facial biometrics. That’s how we give companies like Revolut, Zipcar and Bitstamp the assurance they need to onboard customers remotely and securely. Our mission is to create a more open world, where identity is the key to access.. For more information, please visit www.onfido.com

ThreatMark brings trust to the digital world by providing cutting-edge fraud prevention solutions. Major banks use ThreatMark’s AI-powered technology and behavioral biometrics to build secured banking experience to precisely verify their legitimate users, seamlessly across all digital channels. All while securing the users’ most precious assets and keeping the fraudsters away. Learn more: www.threatmark.com/

With its secunet border gears product portfolio and specialised consulting expertise, secunet supports police forces and security authorities in their sovereign tasks. Whether ABC gates, self-service kiosks or biometric middleware – each component helps to strengthen identity protection and to accelerate verification – in mobile and stationary scenarios.

Mobile ID World is here to bring you the latest in mobile authentication solutions and application providers. Our company is dedicated to providing users with the best content and cutting edge information on technology, news, and mobile solutions for your mobile identity management needs.

Related News

Footer

Follow Us