The U.S. Customs and Border Protection has revealed that a database containing tens of thousands of images of travelers entering and leaving the United States has been hacked and stolen, reports BuzzFeed News. The Border Patrol isn’t the one at fault here, however. In a statement, the organization revealed that one of its subcontractors violated CBP policy without the organization’s knowledge by transferring copies of license plate images and traveler images to the subcontractor’s company’s network. That network was then compromised by a “malicious cyberattack.”
The CBP confirmed that the images of people and license plates obtained in the hack came through specific lanes at a single port of entry into the United States, without revealing which port of entry that was. The CBP also confirmed that the images compromised cover a one and a half month period and that less than 100,000 people had their information compromised by the attack.
Though government systems were not breached in the attack, the incident highlights how vulnerable our data is at a time when governmental organizations are collecting more data about people than ever before. And as this hack shows, that data is very valuable to hackers and bad actors across the globe. You can read the CBP’s statement on the incident below:
On May 31, 2019, CBP learned that a subcontractor, in violation of CBP policies and without CBP’s authorization or knowledge, had transferred copies of license plate images and traveler images collected by CBP to the subcontractor’s company network. The subcontractor’s network was subsequently compromised by a malicious cyber-attack. No CBP systems were compromised.
Initial information indicates that the subcontractor violated mandatory security and privacy protocols outlined in their contract. As of today, none of the image data has been identified on the Dark Web or internet. CBP has alerted Members of Congress and is working closely with other law enforcement agencies and cybersecurity entities, and its own Office of Professional Responsibility to actively investigate the incident. CBP will unwaveringly work with all partners to determine the extent of the breach and the appropriate response.
CBP has removed from service all equipment related to the breach and is closely monitoring all CBP work by the subcontractor. CBP requires that all contractors and service providers maintain appropriate data integrity and cybersecurity controls and follow all incident response notification and remediation procedures. CBP takes its privacy and cybersecurity responsibilities very seriously and demands all contractors to do the same.