Customs Traveler Data Breach

FILE - In this March 29, 2019, file photo, vehicles line up to enter the U.S. from Mexico at a border crossing in El Paso, Texas. Customs and Border Protection said Monday, June 10, that photos of travelers and license plates collected at a single U.S. border point have been exposed in a malicious cyberattack in what a leading congressman called a "major privacy breach." (AP Photo/Gerald Herbert, File)

WASHINGTON — Tens of thousands of images of travelers and license plates stored by the Customs and Border Protection agency have been stolen in a cyberattack, officials said Monday, prompting renewed questions about how the federal government secures and shares personal data.

A Customs and Border Protection official said the agency learned May 31 that a federal subcontractor transferred copies of the images to the subcontractor’s network, which the agency said was done without its knowledge and in violation of the contract. The subcontractor’s network was then hacked.

A U.S. government official said no more than 100,000 people had their information compromised by the attack.

If that number holds, it would be far smaller than a 2014 breach at the Office of Personnel Management, which lost roughly 22 million security clearance files for government officials and contractors. In that case, China was later identified as the nation that had pulled off what remains the largest known theft of U.S. government data.

“As of today, none of the image data has been identified on the dark web or internet,” the Customs and Border Protection agency said in a statement.

That may not be surprising. If the images were stolen for intelligence purposes, they would not be expected to show up for sale. The Office of Personnel Management data has never been surfaced publicly.

The customs and border agency, a part of the Homeland Security Department, collects passport and visa photographs for a database used for a facial recognition program at airports that department officials say is aimed at expediting movement among travelers. The Customs and Border Protection agency also captures images of the license plates on vehicles entering and exiting the ports of entry along the border.

Neema Singh Guliani, the senior legislative counsel for the American Civil Liberties Union, said the breach exposed the risks of the facial recognition program.

“This incident further underscores the need to put the brakes on these efforts and for Congress to investigate the agency’s data practices,” Guliani said. “The best way to avoid breaches of sensitive personal data is not to collect and retain such data in the first place.” — (The New York Times)

(0) comments

Welcome to the discussion.

Keep it Clean. Please avoid obscene, vulgar, lewd, racist or sexually-oriented language.
Don't Threaten. Threats of harming another person will not be tolerated.
Be Truthful. Don't knowingly lie about anyone or anything.
Be Nice. No racism, sexism or any sort of -ism that is degrading to another person.
Be Proactive. Use the 'Report' link on each comment to let us know of abusive posts.
Share with Us. We'd love to hear eyewitness accounts, the history behind an article.