The U.S. Customs and Border Protection has reported that it was a victim of a malicious cyber attack. As a result of the cyber attack, the agency had to endure a data breach which saw photos of travelers and vehicles traveling in and out of the country leaked.
While the U.S. Customs and Border Protection’s networks itself remained unaffected by the breach, the breach happened due to negligence from a subcontractor’s network. It is believed that the subcontractor transferred the information to its own network which was later hit by a cyber attack. The agency has chosen to not name the subcontractor in question.
The agency in a statement said: “CBP learned that a subcontractor, in violation of CBP policies and without CBP’s authorization or knowledge, had transferred copies of license plate images and traveler images collected by CBP to the subcontractor’s company network.”
The agency learned about the breach on May 31. The cybersecurity incident affected lesser than 100,000 people over a period of a month and a half. An agency spokesperson said: “No passport or other travel document photographs were compromised and no images of airline passengers from the air entry/exit process were involved.”