CBP says traveler and license plate images were stolen in data breach

Zack Whittaker reports:

U.S. Customs and Border Protection has confirmed a data breach has involved the photos of passengers traveling in and out of the United States.

The photos were obtained from a subcontractor’s network through a “malicious cyberattack,” a CBP spokesperson told TechCrunch. The agency first learned of the breach on May 31.

“CBP learned that a subcontractor, in violation of CBP policies and without CBP’s authorization or knowledge, had transferred copies of license plate images and traveler images collected by CBP to the subcontractor’s company network,” said a statement.

Read more on TechCrunch.

Update: DataBreaches.net had emailed CBP to ask if the contractor was Perceptics, a business recently hacked by “Boris Bullet-Dodger,” a name derived from a crime comedy film in 2000 called “Snatch.”  While this site has not yet received a response from CPB, it appears that CPB left the word “Perceptics” in a statement it sent to the Washington Post.  So it appears that it was Perceptics and if so, much of the firm’s data was publicly dumped already.  But were the pictures and license plate images dumped?  Time to wade through the massive data dump to determine that.

About the author: Dissent