On June 10th, the U.S. Customs and Border Protection agency revealed that travellers’ photos and license plates collected at its borders were exposed and stolen in a cyberattack.
The agency has not named the subcontractor company whose network was hacked.
However, reports show that a Tennessee-based company, called Perceptics, has been linked as the sole provider of license plate readers and is the company that was compromised, as reported by The Associated Press.
The data breach affected less than 100,000 people according to a congressional staffer at the company. It is unclear how many U.S. citizens and foreigners have been impacted by the breach. It is possible that Canadians might have been affected.
A spokesperson from the Canadian Border Services Agency has confirmed to MobileSyrup that it is aware of the cyberattack, and that “the CBSA has held various contracts with Perceptics.”
“We are currently reviewing and assessing what impacts, if any, this breach has on our operations and Canadians. While the CBSA awaits the completion of the forensic investigation, our information at this time is that this incident does not pose systems or security vulnerabilities,” the spokesperson wrote.
The U.S. Customs and Border Protection agency has confirmed that none of the leaked data was available on the internet or the ‘Dark Web.’
“Initial information indicates that the subcontractor violated mandatory security and privacy protocols outlined in their contract,” the Customs and Border Protection agency said in a statement.
The agency first became aware of the breach on May 31st. The subcontractor violated government policies by transferring copies of the images to its company network. This was done without the agency’s authorization.
The American Civil Liberties Union has expressed concern regarding the breach and noted recent privacy concerns around the Custom and Border Patrol’s usage of facial recognition.
“This breach comes just as CBP seeks to expand its massive face recognition apparatus and collection of sensitive information from travellers, including licence plate information and social media identifiers,” said Neema Singh Guliani, the senior legislative counsel at the ACLU, in a statement.
Image credit: Twitter
Source: The Associated Press
Update 12/06/19: The article was updated with a statement from the Canadian Border Services Agency.