DHS Admits Facial Recognition Photos Were Hacked, Released On Dark Web

An anonymous reader quotes a report from Motherboard: The Department of Homeland Security (DHS) finally acknowledged Wednesday that photos that were part of a facial recognition pilot program were hacked from a Customs and Border Control subcontractor and were leaked on the dark web last year. Among the data, which was collected by a company called Perceptics, was a trove of traveler's faces, license plates, and care information. The information made its way to the Dark Web, despite DHS claiming it hadn't. In a newly released report about the incident, the DHS Office of Inspector General admitted that 184,000 images were stolen and at least 19 of them were posted to the Dark Web.

"CBP did not adequately safeguard sensitive data on an unencrypted device used during its facial recognition technology pilot," the report found. "This incident may damage the public's trust in the Government's ability to safeguard biometric data and may result in travelers' reluctance to permit DHS to capture and use their biometrics at U.S. ports of entry." According to the new report, DHS's biometric database "contains the biometric data repository of more than 250 million people and can process more than 300,000 biometric transactions per day. It is the largest biometric repository in the Federal Government, and DHS shares this repository with the Department of Justice and the Department of Defense." "A subcontractor working on this effort, Perceptics, LLC, transferred copies of CBP's biometric data, such as traveler images, to its own company network," the report found. "The DHS OIG made several recommendations in its report that all boil down to 'tighten up security and make sure this doesn't happen again,'" the report adds.

Re:

[gaxiyi7905]

It is to keep the trolls and people who post swastikas and "Trump 2020" ascii art away.

Re:Why is anonymous posting disabled?

[Arthur, KBE]

That's not working.

Re:

[PopeRatzo]

Why is anonymous posting disabled?

Because you won't stop posting swastikas and spam.

Learn how to behave and maybe you'll get your privileges back.

Re:

[lessSockMorePuppet]

I give it an hour before they realize they forgot to disable it on D1 and mobile.

Or maybe they just screwed up D2. You know some of us actually prefer D2 to mobile and D1.

"...a company called Perceptics"

[Arthur, KBE]

Yeah, that's not ominous.

Re:

[zippthorne]

It's the least ominous one I've seen in one of these so far. For instance, Palantir.

May damage trust?

[Murdoch5]

You can't damage trust that is already so blacklisted that you use it to compare against other horrible implementations.

Yes, of course you get to keep your contract.

[zawarski]

Only small companies need to worry about these issues. Big enough and you can rule with impunity.

No shit?

[bhcompy]

After the OPM leaks, there's no reason to ever trust the govt with this data. Stop being surprised

Re:

[sdinfoserv]

The OPM hack wasn't really a "leak"... all the data stolen - every single federal employee current (at that time) and past, including military and all top-secret clearance applications were stored ~ in the clear ~ as in "not encrypted".
As I said, it wasn’t really a leak, more of a colossal execution of incompetence.
Now, when the NSA was breached, THAT was a leak

don't let it happen again...

[MooseTick]

until it happens again.

I bet if the stakes were the head of DHS is fired if data is leaked, then no data would be collected.

Not surprising

[scdeimos]

The Department of Online Security was responsible for looking after the security of that data. Oh, sorry, we forgot to create it.

Yeah, tighten up security!

[fustakrakich]

But let the perps walk free... That'll teach 'em!

So that's who anti-maskers were

[tlhIngan]

Now it makes more sense. We know anti-maskers were one of those false flag things because masks interfere with facial recognition, and with the public wearing masks you lose the ability. Sure some systems claim to work with masks, but China has showed they don't work.

Anti-maskers are not just government, but people peddling facial recognition systems as the be-all end-all system, and with the public wearing masks, it shows what massive fails those systems are. So the biggest proponents are campaigning against it, even writing it into law that you cannot have mask mandates.

And then like any item, they have fashionable ones with other people's faces (and even animals) printed on them, which will probably fool every system out there if they can't detect the user is wearing a mask and assume the image of a face is of the face and not one wearing a mask with a nose and mouth.

It must scare them that the pandemic has normalized the wearing of masks so much that it's basically destroyed their favorite surveillance tool.

This

[sjames]

And this, boys and girls, is why the Feds can't be entrusted with a master key to encryption.

Re:

[random_nickname_pls]

I'm pretty sure the reason the feds shouldn't have master keys is because of the 4th amendment.

Re:This

[Dutch Gun]

That's the legal reason. This is the practical one.

demanding your keys

[sdinfoserv]

And these are the guys who demand encryption keys and back doors for every system... ya, trust me says the used car salemen.

Out of the office.

[edibobb]

The CBP Computer Security Team was in Portland fighting protesters.