Hackers breached a company that provides license plate reader technology for the US government, including at the border with Mexico.
The hackers posted what appears to be the internal data of the company, called Perceptics, on a dark web website on Thursday. A company employee confirmed to Motherboard that Perceptics was hacked.
“We are aware of the breach and have notified our customers. We can’t comment any further because it is an ongoing legal investigation,” Casey Self, director of marketing for Perceptics said in an online message. The Register first reported the news on Thursday.
The data appears to include a variety of databases, company documents, and financial information, according to the file directory giving an overview of the stolen material. Boris Bullet-Dodger, the hacker who listed the data online, contacted Motherboard with a link to the stolen data on Thursday.
"perceptics.com hacked, dat[a] leak," the hacker wrote in an email.
Do you know anything else about this breach? You can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, OTR chat on email@example.com, or email firstname.lastname@example.org.
Perceptics, once a subsidiary of major government contractor Northrop Grumman, mainly distributes license plate readers, under-vehicle cameras, and driver cameras to the U.S., Canada, Mexico to place at border crossings. According to a company slide presentation from 2016, its readers and cameras are designed to be combined with federal “biographic/passport data” of the passengers.
U.S. Customs Service has used Perceptics services since 1982, and the company has had licence plate readers at all U.S.-Mexico border crossings since 2002. The company also has contracts with the United Arab Emirates, Saudi Arabia, Singapore, and Malaysia as well as several U.S. states like New Jersey. According to government contract awards, Perceptics also did business with the U.S. Drug Enforcement Administration in 2016.
Boris previously took credit for a hack against CityComp, a German company that provides internet infrastructure for some of the world's biggest companies, including Airbus, Oracle, and Volkswagen. In an email, Boris previously explained that hack and data listing was part of an extortion effort against the company. With the Perceptics breach, Boris did not respond to follow-up questions asking about the motivation behind the hack.
Hackers sometimes approach the media in an attempt to generate coverage, which in turn may exert pressure on their extortion victims. The Dark Overlord, a hacking group that has previously breached a Netflix-linked production studio and other high profile targets, often sends reporters caches of stolen material before then dumping parts of it publicly.
Subscribe to our new cybersecurity podcast, CYBER.