•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Amid rapid digital transformation, technology-enabled services used in everyday life are expanding quickly. One example is automated photo-taking services (photobooths) that use QR codes, which are increasingly common in major cities—particularly in shopping centers, events, festivals, and public spaces. Typically, users can take a photo, receive an on-site print, and download the digital image to their phone by scanning a QR code.
While the service offers convenience, cybersecurity warnings highlight a risk of personal data leakage if the underlying information systems do not meet security requirements. According to alerts from the cybersecurity community, many photobooth systems have vulnerabilities that can allow personal images to be accessed illegally and potentially become public on the internet without users’ knowledge. This can violate privacy and may be used to support cybercrimes online.
In Hanoi, photobooth stations have prompted the city’s police to warn residents about the risk of personal data leakage via QR codes.
As described in the warning, photobooths generally work in the following way: after taking a photo, the system stores the data on a server and provides the user with a link accessible through a QR code. When scanned, the QR code directs users to a page where they can download or share the image.
Experts say many systems rely on a simple method to generate links using sequential or otherwise easily guessed identifiers. If the system does not include access authentication controls, other people could alter the link to access someone else’s data.
This is described as a common security weakness that could expose photos—including personal or family images and other sensitive content—without the owner’s awareness.
Experts note that exploiting these weaknesses does not necessarily require highly sophisticated technical methods. If access is not tightly controlled, malicious actors could use automated tools to harvest data in large quantities.
They also warn that, with advances in AI and facial recognition, exposed image data could be used to forge identities, create fake profiles, commit fraud, or support other illicit activities on the internet.
Premium gym chains are entering a “golden era” that is ending or already in decline, as rising operating costs collide with shifting consumer preferences toward more flexible, community-based ways to exercise. Long-term memberships are shrinking, margins are pressured by higher rents and facility expenses, and competition from smaller, more personalized…
