A "malicious cyber-attack" has affected US Customs and Border Protection (CBP), exposing traveller images and license plates. The data breach has heightened concerns over the expansion of facial recognition and federal surveillance systems.
CBP said in a statement on Monday, June 10, that the government's one of the subcontractors' networks was compromised. As per the reports, the subcontractor had stored "copies of license plate images and traveller images collected by CBP."
Even though CBP confirmed that none of the image data was distributed on dark web or internet, the authority declined to answer questions about the scope of a data breach and compromised data, as well as refused to name the subcontractor.
It should be mentioned that the US government controls a huge database, which includes traveller's personal information as well as passport and visa images. Even the airline companies are currently using the facial recognition technology and they share biometric data duly with federal agencies including several sensitive information.
Since 2017, after President Donald Trump had ordered to accelerate the surveillance technology, the primary border control organization of US is also expanding its facial recognition system in international airports.
As per American Civil Liberties Union senior legislative counsel, Neema Singh Guliani this recent cybersecurity breach incident came soon after CBP showed their interest to expand face recognition apparatus in a massive level and collect sensitive information from the travellers, including licence plate image and social media details.
"This incident further underscores the need to put the brakes on these efforts and for Congress to investigate the agency's data practices," she said. The best chance to protect such information from the hackers would be dismissing the plan to collect such sensitive details from people in the first place, she swiftly noted.
However, the government officials told the New York Times that because of this recent breach, a maximum of 100,000 people had their data stolen. The authority also stated that the unnamed firm violated CBP policies when it transferred those image copies to the subcontractor's company network.
The statement also added that CBP has alerted the "Members of Congress and is working closely with other law enforcement agencies and cybersecurity entities and its own Office of Professional Responsibility to actively investigate the incident. CBP will unwaveringly work with all partners to determine the extent of the breach and the appropriate response."
Meanwhile, another report came on Monday stating that most of the cyber attacks against Chinese networks in 2018 were operated from US. The annual report, released by China's National Computer Network Emergency Response Technical Team (CNCERT), clarified that last year 14,000 servers in US infected by a Trojan virus, which is a malware that is often disguised as legitimate software or botnet controlled over three million host computers in China.