Credit: US CBP |
Officials of the US Customs and Border Protection (CBP) on Monday, said one of its subcontractors has been hacked in a “malicious cyberattack,” which has seen the public photos of incoming and outgoing travelers, released to the public.
A law enforcement official tipped that less than 100,000 people are affected in the recent attack.
Reports from a CBP spokesperson to the Register hints, personal pictures of people’s faces and license plates, had been transferred to the subcontractor’s network without the federal agency being privy of it.
Thankfully, to the knowledge of the general public, all stolen data didn't include any particularly identifying information, and also worthy of note is the fact that passports weren't stolen either.
Rumors of the Cyber attack started flying around on the 31st of May.
The CBP did not take note of the name of the subcontractor. The Register initially reported on May 24 that a hacker named “Boris Bullet-Dodger” stole data from Perceptics, a company that provides license plate reader technology for the US-Mexico border. The hacker however, proceeded with making duplicates of it (for free download) on the dark web.
For now, investigators haven't drawn a clear line linking the two incidents, but the CBP later clarified that so far, none of the image data have been seen and recognized on the regular internet or Dark web.
This is just in, amidst a time of heated debates by lawmakers and civil liberty groups, who have all expressed deep worries over technical hitches which Facial recognition technology still faces today, with reports of false matches and subsequent arrests (made in error). -although inspite of these shortcomings, improval of public safety seem to be core at heart.
Among other things, it's evident that CBP employ cameras and video recordings at airports and land border crossings, all in its bid to fast-track identification of people entering and exiting the United states, as part of its facial-recognition program.
Databases often contain highly confidential information of individuals, and have become a target by Cyber criminals. This incident is one of many, which highlights the necessity for government institutions to be flexible in their data collection policies and practices.