Coverage: Data breach exposes U.S. traveler data
Photos and license plates of travelers passing through a U.S. border point have been compromised in a cyberattack.
Kate Sullivan and Geneva Sands reported the news for CNN:
US Customs and Border Protection announced Monday photos of travelers and license plates were recently compromised in a data breach.
In a statement, CBP said it learned on May 31 that a subcontractor “had transferred copies of license plate images and traveler images collected by CBP to the subcontractor’s company network. The subcontractor’s network was subsequently compromised by a malicious cyber-attack.”
The agency has notified Congress and is working with law enforcement and cybersecurity entities to “determine the extent of the breach and the appropriate response,” according to the statement.
AP’s Frank Bajak had the details and some background:
A Customs spokesman said initial reports indicated that the images involved fewer than 100,000 people; photographs were taken of travelers in vehicles entering and exiting the United States at a single land-border port of entry over one and a half months.
Automated license-plate readers are used for “detecting, identifying, apprehending, and removing individuals illegally entering the United States at and between ports of entry or otherwise violating U.S. law,” the Department of Homeland Security says in a December 2017 privacy document . Recorded license plates are checked in real time against DHS databases to which 13 federal agencies have access.
Maggie Miller from The Hill said a House panel has scheduled a hearing on the use of biometric data:
The House Homeland Security Committee will hold hearings next month on the Department of Homeland Security’s use of biometric information, committee Chairman Bennie Thompson (D-Miss.) announced Monday.
Thompson’s announcement was made on the heels of the disclosure by U.S. Customs and Border Protection (CBP) that a subcontractor had suffered a data breach, compromising photos of travelers and license plates compiled by the border agency.
CBP told The Hill the subcontractor that had its network breached had not been given permission to transfer CBP photos to its system. CBP has not named the subcontractor, and told The Hill that as of Monday, none of the images involved in the breach has been discovered on the darknet.