According to a CBP statement released on June 10, in late May the government learned that one of its subcontractors’ networks was compromised.
“Initial information indicates that the subcontractor violated mandatory security and privacy protocols outlined in their contract,” said CBP in a statement, noting that no CBP systems were compromised. “CBP has alerted Members of Congress and is working closely with other law enforcement agencies and cybersecurity entities, and its own Office of Professional Responsibility to actively investigate the incident. CBP will unwaveringly work with all partners to determine the extent of the breach and the appropriate response.”
The agency did not reveal how many people’s data was affected by the attack or if they were US citizens or travelers from other countries. It did note that “none of the image data has been identified on the Dark Web or internet.”
CBP removed from service all equipment related to the breach and said it is closely monitoring all CBP work by the subcontractor.