Images of travelers, license plates stolen from CBP subcontractor
- By Adam Mazmanian
- Jun 11, 2019
Images of travelers and license plates crossing the border were stolen when hackers breached the network of a Customs and Border Protection subcontractor.
On May 31 CBP learned that without its authorization, a subcontractor had transferred a database containing copies of the images on its own network, which was "subsequently compromised by a malicious cyber-attack," according to a CBP statement. According to the statement, the agency networks were not hacked in the incident.
The breach involved images of fewer than 100,000 individuals, a CBP spokesperson said in an emailed update. The photographs were of vehicles coming and going through "a few specific lanes" at a land border entry point over a period of one-and-a-half months. According to CBP, the images did not include any identifying information about the individuals involved.
The agency did not indicate what subcontractor or what program was involved in the breach, but a statement cited in a Washington Post report suggested that Perceptics, which makes license plate reader technology, was involved.
CBP said in its June 10 statement that it had "removed from service all equipment related to the breach and is closely monitoring all CBP work by the subcontractor." The spokesperson also noted that "as of today, none of the image data has been identified on the Dark Web or internet."
Rep. Bennie Thompson (D-Miss.), the chairman of the House Homeland Security Committee, reacted to the news with the announcement he would hold hearings on DHS use of biometrics next month.
"Government use of biometric and personal identifiable information can be valuable tools only if utilized properly. Unfortunately, this is the second major privacy breach at DHS this year. We must ensure we are not expanding the use of biometrics at the expense of the privacy of the American public," Thompson said.
The breach comes as CBP increases its reliance on facial recognition technology to authenticate international travelers and Congress looks at tightening security of the government IT supply chain.
A longer version of this article was first posted on FCW, a sibling site to GCN.
Adam Mazmanian is executive editor of FCW.
Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy and the Department of Veterans Affairs. Prior to joining FCW, Mazmanian was technology correspondent for National Journal and served in a variety of editorial roles at B2B news service SmartBrief. Mazmanian has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, New York Press, Architect Magazine and other publications.
Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.