Last week, the U.S. Homeland Security Administration publicly announced that some of the images available on the internet were videos that could identify travelers.
This article will also interest you: Data Leaks: several billion login data available on the Internet without any protection
These videos were allegedly hacked and published on the Dark web. In short, there are also pictures of the faces of travellers where you can clearly see faces, license plates or other information about their health. According to the Department of Homeland Security, the data leak was located with a customs and border control subcontractor called Perceptics.
The hacked information is indeed available on the Dark Web. Yet in the early days of the data leak, the U.S. Department of Homeland Security had formally denied this. According to a statement from a report prepared by the office of the U.S. Inspector General on the computer incident, nearly 184,000 images were stolen by hackers. The office then acknowledged that there were 19 images available on the dark side of the Internet.
According to the report, the data leak was facilitated by a lack of organization and security of sensitive data, which is available on an unencrypted device of the Customs and Border Protection.
The report stated that: "Customs and Border Protection (CBP) did not properly protect sensitive data on an unencrypted device used during its facial recognition technology pilot project."
This incident, it should be noted, in some ways will have a significant impact on public confidence in the U.S. government on the security issue. Travellers may begin to refuse certain controls on their biometric data at the level and customs services. The report states: "This incident may undermine public confidence in the government's ability to safeguard biometric data and may result in a reluctance of travellers to allow DHS to enter and use their biometric data at U.S. Customs."
Several technologies are used in the processing and analysis of biometric data of travellers by CBP. In particular, there are devices used for facial recognition, cameras to make images of vehicles as well as faces crossing the border. The data is then collected and collected in different computers. The entire system allows the Department of Homeland Security to be able to control inflows and exits from U.S. territory or easily search for criminals on the run, as well as terrorists.
Apparently, the biometric data set collected is analyzed by the Department of Homeland Security: "contains the biometric data repository of more than 250 million people and can process more than 300,000 biometric transactions per day. This is the largest filing of biometric data by the federal government, and DHS shares this repository with the Department of Justice and the Department of Defence. ».
Deployments of such a biometric analysis device and necessarily expensive. So we can imagine the budget for all this work. Involving a developed network of contractors and subcontractors. Perceptics is one of those private companies involved in this technology production chain. Its role is mainly to process images of faces as well as vehicles that have been captured at the toll posters. Moreover for this reason the report mentioned its involvement in this data leak because of the presence of vehicle license plates on the Dark web.
"A subcontractor working on this project, Perceptics, transferred copies of CBP's biometric data, such as passenger images, to its own corporate network," the report said. In addition, the U.S. Department of Homeland Security noted that "later in 2019, DHS experienced a major privacy incident, as the subcontractor's network was subjected to a malicious cyber attack."
In addition, the person responsible for this incident is a hacker known as Boris Bullet-Dodger.
Now access an unlimited number of passwords: