Clearview AI, the controversial company working with police departments across the US, said someone with "unauthorized access" stole its client list.

The company sells a facial-recognition tool that lets police upload a photo of a face and search it against a database of billions of images scraped from social media to identify suspects.

A Clearview AI spokesperson confirmed to Business Insider that the breach, which The Daily Beast first reported, included the company's entire list of customers.

Visit Business Insider's homepage for more stories.

The full client list of Clearview AI, the embattled facial-recognition company, was stolen by someone with "unauthorized access," The Daily Beast first reported.

The company has drawn backlash from privacy advocates and major social-media platforms over its facial-recognition tool, which lets police use a photo of a person to search a database of images from social media and identify people based on their faces. The breach is notable because Clearview markets its services to law-enforcement agencies and has previously avoided disclosing who its clients are.

Tor Ekeland, Clearview AI's attorney, confirmed The Daily Beast's report in a statement to Business Insider. Ekeland said the breach didn't result from a hack into Clearview's servers but from a "flaw" that gave someone unauthorized access to the company's client list.

"Security is Clearview's top priority. Unfortunately, data breaches are part of life in the 21st century," Ekeland said, adding that the company would "continue to work to strengthen our security."

The New York Times reported in January that the company's customers included hundreds of law-enforcement agencies across the US and Canada, including the FBI and Department of Homeland Security.

The company is also looking to expand its client base — a spokesperson told Business Insider in February that Clearview's service has "received inquiries from law-enforcement agencies all over the world."

Facebook, Twitter, YouTube, and other companies have threatened legal action against Clearview AI, telling the company to stop scraping public images from their platforms to build its face database. Clearview founder and CEO Hoan Ton-That responded by saying that gathering publicly accessible photos is protected by the US Constitution's First Amendment.

If Clearview's list of clients is leaked to the public, analysts warn, it could lead to even broader backlash against the company.

"It will likely bring the public awareness, and mistrust, of facial recognition to a new level," Kjell Carlsson, an analyst with Forrester specializing in AI, told Business Insider.

Albert Liu, CEO of AI startup Kneron, told Business Insider that the fact that Clearview maintains a database of faces raises inherent security concerns, especially after this breach.

"One of the major risks with AI software, despite how groundbreaking it is, is that it relies on these massive databases and the amount of sensitive information stored on these platforms," Liu said.

Got a tip? Contact Aaron Holmes at (706) 347-1880 or at aholmes@businessinsider.com . Open DMs on Twitter at @aaronpholmes. You can also contact Business Insider securely via SecureDrop.