DHS Admits Facial Recognition Photos Were Hacked, Released On Dark Web

An anonymous reader quotes a report from Motherboard: The Department of Homeland Security (DHS) finally acknowledged Wednesday that photos that were part of a facial recognition pilot program were hacked from a Customs and Border Control subcontractor and were leaked on the dark web last year. Among the data, which was collected by a company called Perceptics, was a trove of traveler’s faces, license plates, and care information. The information made its way to the Dark Web, despite DHS claiming it hadn’t. In a newly released report about the incident, the DHS Office of Inspector General admitted that 184,000 images were stolen and at least 19 of them were posted to the Dark Web.

“CBP did not adequately safeguard sensitive data on an unencrypted device used during its facial recognition technology pilot,” the report found. “This incident may damage the public’s trust in the Government’s ability to safeguard biometric data and may result in travelers’ reluctance to permit DHS to capture and use their biometrics at U.S. ports of entry.” According to the new report, DHS’s biometric database “contains the biometric data repository of more than 250 million people and can process more than 300,000 biometric transactions per day. It is the largest biometric repository in the Federal Government, and DHS shares this repository with the Department of Justice and the Department of Defense.” “A subcontractor working on this effort, Perceptics, LLC, transferred copies of CBP’s biometric data, such as traveler images, to its own company network,” the report found. “The DHS OIG made several recommendations in its report that all boil down to ‘tighten up security and make sure this doesn’t happen again,'” the report adds.

Read more of this story at Slashdot.

Source: Slashdot