Skip to main content
  1. Home
  2. News

U.S. border agency says photos of travelers stolen in cyberattack

Jenny McGrath
By

A “malicious cyberattack” on a U.S. Customs and Border Protection subcontractor compromised photographs of travelers going into and out of the country, along with license plates, the agency said Monday.

Customers and Border Protection has known about the attack since May 31. According to agency, a subcontractor transferred the images to its network “in violation of CBP policies and without CBP’s authorization or knowledge.”

Recommended Videos

The images include fewer than 100,000 people in vehicles entering and exiting the United States “through a few specific lanes at a single land border Port of Entry over a 1.5 month period,” according to a CBP spokesperson.

Related

Officials claim that the stolen information hasn’t shown up on the internet or dark web. The Register found files from CBP contractor Perceptics, which makes license plate readers, on the dark web last month.

CBP hasn’t confirmed which of its contractors was attacked, so it’s not clear if the two incidents are connected.

The breach drew condemnation from privacy advocates, including the Electronic Frontier Foundation (EEF).

“EFF is disappointed by reports of the theft from CBP of photos of travelers’ faces and license plates,” said the organization’s senior staff attorney Adam Schwartz. “The inherent risk of such theft is among the reasons why the government should not be amassing this sensitive information in the first place.”

Initial reports reports were unclear about whether photos of travelers entering through airports were involved in the breach, but the CBP says passport and other travel document photos were not compromised, nor were images of airline passengers. When you arrive in the U.S. after an international flight, your stop at customs may include an agent snapping a photo of you. Using facial recognition technology, the agent can then match it with a “biometric template.” That template is a string of numbers representing, say, your passport photo.

“These templates are irreversible and cannot be reverse-engineered by anyone outside of CBP to reconstruct the photo,” according to the CBP.

Customers and Border Protection says it discards” photos of U.S. citizens and exempt aliens within 12 hours of verifying their identity. It can take 14 days to delete other travelers’ photographs. According to agency rules, airports and other partners aren’t allowed to keep any traveler photos they take for identification purposes.

The breach comes at a time when some airlines are planning on using facial recognition not just at customs but for flight check-in and baggage drop, The Washington Post reports.

There are some protections if your license plate information is stolen. While the Driver’s Privacy Protection Act makes it difficult to track down someone’s personal information just from a license plate, some privacy advocates have raised concerns about the amount of data automated plate readers suck up. 

The image quality will depend on whether vehicles at the border crossing had to stop and wait for long stretches due to lots of traffic, Dr. Jennifer King, director of privacy at Stanford’s Center for Internet and Society, told Digital Trends. As for how the images could be used, “It all depends on who stole it,” she said. Criminal hackers and foreign governments would have different motives and uses for the data.

“Having more data to feed into a facial recognition system is always useful, sadly, especially high-quality images taken for that purpose, to really try to focus on identifying people,” said King.

“We’re at the point where training data is hard to find, and getting good training data is invaluable in and of itself, even if it doesn’t ultimately lead to identification of individuals, for example, in the short term,” she added.

The CBP and federal authorities are investigating the breach and monitoring for the stolen information.

Update 6/11/2019: This story was updated to include new details about the amount and type of photographs stolen and to include remarks by Dr. Jennifer King. 

Editors' Recommendations

Topics
Jenny McGrath
Jenny McGrath
Former Digital Trends Contributor
Jenny McGrath is a senior writer at Digital Trends covering the intersection of tech and the arts and the environment. Before…
How Intel and Microsoft are teaming up to take on Apple
An Intel Meteor Lake system-on-a-chip.

It seems like Apple might need to watch out, because Intel and Microsoft are coming for it after the latter two companies reportedly forged a close partnership during the development of Intel Lunar Lake chips. Lunar Lake refers to Intel's upcoming generation of mobile processors that are aimed specifically at the thin and light segment. While the specs are said to be fairly modest, some signs hint that Lunar Lake may have enough of an advantage to pose a threat to some of the best processors.

Today's round of Intel Lunar Lake leaks comes from Igor's Lab. The system-on-a-chip (SoC), pictured above, is Intel's low-power solution made for thin laptops that's said to be coming out later this year. Curiously, the chips weren't manufactured on Intel's own process, but on TSMC's N3B node. This is an interesting development because Intel typically sticks to its own fabs, and it even plans to sell its manufacturing services to rivals like AMD. This time, however, Intel opted for the N3B node for its compute tile.

Read more
How much does an AI supercomputer cost? Try $100 billion
A Microsoft datacenter.

It looks like OpenAI's ChatGPT and Sora, among other projects, are about to get a lot more juice. According to a new report shared by The Information, Microsoft and OpenAI are working on a new data center project, one part of which will be a massive AI supercomputer dubbed "Stargate." Microsoft is said to be footing the bill, and the cost is astronomical as the name of the supercomputer suggests -- the whole project might cost over $100 billion.

Spending over $100 billion on anything is mind-blowing, but when put into perspective, the price truly shows just how big a venture this might be: The Information claims that the new Microsoft and OpenAI joint project might cost a whopping 100 times more than some of the largest data centers currently in operation.

Read more
There’s an unexpected, new competitor in PC gaming
Snapdragon's X Elite PC SoC.

Windows gaming on ARM is becoming a legitimate possibility, and it's not just thanks to the recently unveiled emulation options, but it's chiefly due to the fact that Qualcomm's Snapdragon X Elite is shaping up to be pretty excellent. Spotted in a recent benchmark, the CPU was seen beating some of the best processors on the current market. Are we finally at a point where it's not always going to be a choice between just Intel and AMD?

The benchmarks were posted by user @techinmul on Twitter, and the results couldn't be more promising for the upcoming Qualcomm processor. The chip was tested in Geekbench 6, and although it's important not to take these results entirely at face value, it's an impressive show of performance that bodes well for upcoming thin and light laptops.

Read more