A data breach has exposed the photos and license plate numbers of travelers in and out of the United States, Customs and Border Protection has confirmed. Responding to an inquiry from U.S. technology website Tech Crunch, CBP said the photos were transferred to a subcontractor’s network and later stolen through a “malicious cyberattack.” CBP first learned of the attack on May 31.
“CBP learned that a subcontractor, in violation of CBP policies and without CBP’s authorization or knowledge, had transferred copies of license plate images and traveler images collected by CBP to the subcontractor’s company network,” said the agency in a statement.“Initial information indicates that the subcontractor violated mandatory security and privacy protocols outlined in their contract.”
CBP said the attack affected “fewer than 100,000 people,” through a “few specific lanes at a single land border” over a period of a month and a half.
The federal agency said no passport or other travel document photographs were compromised, and that no images of airline passengers from the air entry/exit process were involved.
CBP did not name the subcontractor through which the breach occurred.
According to Tech Crunch, Ron Wyden, a Democratic senator vocal on national security issues, said the government “needs to explain exactly how it intends to prevent this kind of breach from happening in the future.”
“This incident should be a lesson to those who have supported expanding government surveillance powers – these vast troves of Americans’ personal information are a ripe target for attackers,” Mr. Wyden added.
Tags: customs and border protection
Share On Facebook
Tweet It
