San Francisco Chronicle

Hack exposed license plate, traveler images

- By Frank Bajak Frank Bajak is an Associated Press writer.

Customs and Border Protection said that photos of travelers and license plates collected at a single U.S. border point have been exposed in a malicious cyberattac­k in what a congressma­n called a “major privacy breach.”

The federal agency did not name the subcontrac­tor whose computer network was hacked, but the announceme­nt Monday followed news that a Tennessee-based company that bills itself as the sole provider of stationary license plate readers at U.S. borders had been compromise­d.

A Customs spokesman said initial reports indicated that the images involved fewer than 100,000 people; photograph­s were taken of travelers in vehicles entering and exiting the United States at a single landborder port of entry over one and a half months.

Automated license plate readers are used for “detecting, identifyin­g, apprehendi­ng, and removing individual­s illegally entering the United States at and between ports of entry or otherwise violating U.S. law,” the Department of Homeland Security says in a December 2017 privacy document. Recorded license plates are checked in real time against DHS databases to which 13 federal agencies have access.

The U.K. computer security website the Register, which said the hacker responsibl­e alerted it to the breach in late May, identified the company as Perceptics. A spokesman for the company did not immediatel­y respond to an email seeking comment.

Customs and Border Protection said none of the data had surfaced on the internet or Dark Web. The Register said the hacker provided it with a list of files exfiltrate­d from the Perceptics corporate network and said a company spokespers­on had confirmed the hack.

“Initial informatio­n indicates that the subcontrac­tor violated mandatory security and privacy protocols outlined in their contract,” Customs and Border Protection said.

The agency said it learned of the data breach May 31. It said the subcontrac­tor had transferre­d copies of the images to its company network in violation of government policies and without the agency’s authorizat­ion.

No Customs networks or databases were breached, the agency spokesman said.

The chairman of the House Homeland Security Committee, Rep. Bennie Thompson of Mississipp­i, noted with alarm that this is the “second major privacy breach at DHS this year.”

“We must ensure we are not expanding the use of biometrics at the expense of the privacy of the American public,” he said in a statement.

?? Gerald Herbert / Associated Press ?? Vehicles line up to enter the U.S. from Mexico at a border crossing in El Paso, Texas, in March. Federal authoritie­s say data from an unidentifi­ed border point were hacked last month.
Gerald Herbert / Associated Press Vehicles line up to enter the U.S. from Mexico at a border crossing in El Paso, Texas, in March. Federal authoritie­s say data from an unidentifi­ed border point were hacked last month.

Newspapers in English

Newspapers from United States