DHS IG Blames CBP For Failing To Protect Biometric Data That Ended Up On Dark Web

摘要

Biometric data collected as part of a facial recognition pilot program for Customs and Border Protection ended up on a hidden part of the internet that is used for selling and buying illicit data and contraband because the agency failed to use an encrypted device to safeguard the data, the Department of Homeland Security’s Office of Inspector General says in a new report. The traveler images were downloaded by a CBP subcontractor in 2018 and 2019 without the agency’s knowledge for use in improving the company’s facial recognition technology, the IG says. But a malicious cyber attack against Perceptics’ computer network resulted in the theft of 100,000 individual images, 19 of which were discovered to have been posted on the Dark Web.