A threat actor by the alias “Boris Bullet-Dodger” broke into the database of a company that provides license plate readers for the U.S. government to use at the Mexican border.
Tennessee-based Perceptics said Thursday it had been breached and that the attacker posted its contents on the dark web, according to The Register.
The attacker leaked 65,000 file names and accompanying directories including files that contained location data, zip codes, presumed government clients, dates, timestamps, image files and other sensitive data that amounted to hundreds of gigabytes of information.
A Perceptics spokesperson told the publication that it is alerting the customers who were affected and is working with authorities to investigate the incident. Panorays Director of Risk & Compliance Dov Goldman noted that there is a significant risk that commuters pay for the convenience of services that allow them to simply drive through tollbooths on roadways.
"The data breach at Perceptics, the largest manufacturer of license plate scanning systems, will force us to consider all the private data collected in this seemingly innocent transaction," Goldman said. "The colorfully named "Boris Bullet-Dodge" hacking group has gained access to much more than just our license plate numbers by penetrating this government contractor's information systems. Perceptics collects personal data for payment (credit card, bank account) and vehicle inspection status, not to mention exactly where we are at a given date and time."
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.