A cyber attack on a subcontractor engaged by U.S. Customs and Border Protection (CPB) might have compromised the personal privacy of tens of travelers crossing an unnamed land border over a period of a month and a half. The exact identity of this engaged subcontractor has not been made public by CPB.
A cyber attack on a subcontractor used by U.S. Customs and Border Protection (CBP) may have compromised the personal privacy of tens of thousands of travelers, reports The Washington Post. The exact name of the subcontractor involved has not been identified by the agency, but the breach is said to have involved less than 100,000 people, according to CBP. However, a Microsoft Word document of CBP’s press release of the breach was sent to The Washington Post reporters which included the title “CPB Perceptics Public Statement.”
Perceptics, based in Tennessee, provides automated license plate readers to border security agencies. They’ve installed license plate readers at 43 U.S. Border Patrol checkpoint lanes.
The CBP was made aware of this breach back on May 31st. The incident is said to involve photos of travelers entering and exiting the United States over a period of a month and a half at an unidentified land border.
In addition to the faces of individual travelers, the outlet also reports that the compromised images include license plate details.
The outlet explained that while the agency uses these kinds of images as part of its burgeoning facial recognition initiative, this breach has raised questions over how this kind of incident could compromise individual privacy.
According to the paper, authorities with the agency have offered reassurance that no additional personal information has been compromised.
Speaking out about the breach, Senator Ron Wyden (D-Ore.), told the outlet, “If the government collects sensitive information about Americans, it is responsible for protecting it — and that’s just as true if it contracts with a private company. Anyone whose information was compromised should be notified by Customs, and the government needs to explain exactly how it intends to prevent this kind of breach from happening in the future.”
Neema Singh Guliani, senior legislative counsel at the American Civil Liberties Union (ACLU), also offered her comments on the incident, saying, “This breach comes just as CBP seeks to expand its massive face recognition apparatus and collection of sensitive information from travelers, including license plate information and social media identifiers. This incident further underscores the need to put the brakes on these efforts and for Congress to investigate the agency’s data practices. The best way to avoid breaches of sensitive personal data is not to collect and retain it in the first place.”
[Featured Image: Shutterstock]