The photos and license plate images of up to 100,000 travelers who were processed through a few specific lanes of a single U.S. border crossing have been stolen by hackers. The data breach covered a period of one and a half months, according to US Customs and Border Protection (CBP). The CBP processes over a million visitors to the US every day.
Zack Whittaker filed this report on the CBP data breach for TechCrunch
“CBP learned that a subcontractor, in violation of CBP policies and without CBP’s authorization or knowledge, had transferred copies of license plate images and traveler images collected by CBP to the subcontractor’s company network,” said an agency statement.
“Initial information indicates that the subcontractor violated mandatory security and privacy protocols outlined in their contract,” the statement read. The agency first learned of the breach on May 31.
A spokesperson for the agency later said the security incident affected “fewer than 100,000 people” through a “few specific lanes at a single land border” over a period of a month and a half. “No passport or other travel document photographs were compromised and no images of airline passengers from the air entry/exit process were involved,” the spokesperson said. The agency did not name the subcontractor.
[…]
Ron Wyden, a Democratic senator vocal on national security issues, said the government “needs to explain exactly how it intends to prevent this kind of breach from happening in the future.”
“This incident should be a lesson to those who have supported expanding government surveillance powers – these vast troves of Americans’ personal information are a ripe target for attackers,” said Wyden. News of the CBP breach has drawn ire from the civil liberties crowd, which have long opposed the collection of facial recognition at the border.
