A cyber-attack on U.S. CBP compromises travelers’ photographs

On June 10, officials from United States Customs and Border Protection (CBP) stated that a malware induced cyber-attack compromised travelers' photographs. The officials stated that the cyber-attack, which hit one federal subcontractor, compromised images containing license plate and facial photographs of people. www.washingtonpost.com posted this, June 10, 2019.

A spokesperson of CBP explained that the breach took place when a CBP contractor unlawfully moved license plate photographs and travelers' pictures that the agency collected onto an internal network that had been compromised thereafter via the cyber assault. The agency refrained from telling the subcontractor's name which the attackers targeted.

Now as known U.S government keeps large volume databases of airline passengers' visa and passport photographs and other related personal information. The airlines as well utilize technology for facial recognition, while transfer biometric data of the people to federal agencies which maintain travelers' sensitive information.

Less that 100K travelers' photos got exposed in the breach as the people drove their vehicles on certain specified lanes demarcated for one lone entry port of the land border. The pictures were shot during approximately 45 days, with little other identifying details added along with the pictures, an official of CBP updated late June 10. www.nextgov.com posted this, June 10, 2019.

The agency stated as of Monday that not a single picture was identifiable on the Internet else the Dark Web. However, they would keep watch for any illegitimate revelation. According to the agency, it was on 31st May that officials first got to know about the breach.

The spokesperson further said that initial clues revealed that the subcontractor infringed upon the protocols of privacy and security delineated within the agreement. According to the agency, its databases or internal networks hadn't been hacked at the time of the breach. www.nextgov.com posted this, June 10, 2019.

As per the spokesperson, the agency by now informed the Congress, cyber-security firms and other agencies of law enforcement, while an investigation into the incident by them jointly is underway.

» SPAMfighter News - 6/17/2019