The U.S. Customs and Border Protection agency, the one centrally responsible for securing the country’s borders, was the latest high-profile organization to fall victim to a supply chain attack. The breach exposed data on somewhere around 100,000 people who crossed the United States border at a specific port of entry.
U.S. Customs and Border Protection’s statement on the matter did not specify the location, but cybersecurity reporters covering the story believe that the data most likely came from a port of entry in Texas, New Mexico or Arizona. This speculation is based on an independent report of a breach during the same time period by a subcontractor that furnishes the agency with license plate readers.
The breached data included copies of license plate images and traveler images collected by U.S. Customs and Border Protection. It exposed clear pictures of the faces of travelers (presumably for use with facial scanning software) and of their license plates. The pictures came from a specific period of about a month and a half, though the exact dates were not specified.
How the U.S. Customs and Border Protection data breach happened
A U.S. Customs and Border Protection subcontractor downloaded the set of images, and the attackers (whom U.S. Customs and Border Protection characterized as “malicious”) breached the subcontractor’s network and gained access to them. The agency states that the subcontractor was not authorized to download those images from its servers, and had done so without permission and without notifying anyone at the agency. While the agency did not disclose the exact number of breach victims, it put the total at “fewer than 100,000,” which would be an odd way to characterize anything that was under 90,000 or so.