These license-plate readers collect and store information including peoples' locations, zip codes and even MP3 files, presumably from individuals' computers. Invasive technologies and the "surveillance state" they reveal are a major privacy concern, technologist Chris Garaffa told Sputnik.
"So, what they [the unidentified hackers] found online is hundreds of thousands of files relating to zip codes, locations and even images from these license-plate readers. It's an unbelievable cache of files, and it shows exactly what these devices are tracking and keeping on us. Let's say they go and see my license-plate; they're storing that information, and they could correlate that with when they see my license-plate later on. You do that enough and you can figure out, well, Chris [for example], works here and he lives there. So, there is a lot of different things they [companies like Perceptics] can do with this. So, the issue with license-plate readers themselves is a privacy issue, but now this company has been so derelict in its responsibility to protect that data that they have left it online, open for folks to see," Garaffa continued.
According to the Register, the hundreds of gigabytes of data stored by Perceptics include XLSX (Microsoft Excel spreadsheet) files for locations and zip codes, JPG files that refer to "driver" and "scene," DOCX (Microsoft Word document) files likely related to government clients like the US Immigration and Customs Enforcement (ICE), and many other other files such as MP3 files with songs like "Superstition" by Stevie Wonder and "Wannabe" by the Spice Girls most likely downloaded from someone's laptop. It is not clear how either the license-plate readers or the hackers accessed this information. "Boris Bullet-Dodger" refused to answer any questions regarding the hacked information.
"In this case, Perceptics — their four main focuses [on their website] are electronic toll collection, highway and city security, commercial vehicle enforcement and border security. So, they are tracking cars coming through the border as well, enabling ICE to do that. So, I think the first call that they made when they figured this out was not to their customers, not to the public, but to their lawyers, and that's a typical thing," Garaffa explained.
Following the breach, Casey Self, director of marketing for Perceptics, released a statement saying that the company is "aware of the breach" and has notified its customers.
"We can't comment any further because it is an ongoing legal investigation," Self added. Perceptics did not immediately respond to Sputnik's request for comment.
Perceptics, which used to be a subsidiary of government contractor Northrop Grumman, provides license-plate readers, under-vehicle cameras and driver cameras to US, Canada and Mexico to install at the borders. According to information published by the company, both its readers and cameras can correlate to individuals' "biographic" and "passport data."
"Often when we think about license-plate readers, we are thinking about the tow trucks that come around and tag your car because you haven't paid your car taxes locally. These license-plate readers are used by law enforcement for tracking people; they are used by the DHS [US Department of Homeland Security] and ICE at the border as well. License plates are just one facet of this surveillance state," Garaffa noted.